Looking back to 2017 has shown us that threat actors are interested in 2 very specific action. The first is to steal the confidential information by attacking healthcare providers and the second being the generation of revenue using ransomware and virtual currency mining. Another area Another area of concern is corporate espionage which we at Jigsaw Security see as the main threat being faced in 2018.
In many cases the threat actors goals are the same which is to profit monetarily by stealing proprietary information, healthcare records and in the theft of computing resources to generate revenue utilizing mining operations of unsuspecting users.
Why Health Care?
When we look we see that a major target of these attacks is the health care sector. We wanted to try and determine why this sector is targeted more often than other sectors. It really comes down to market economics. Healthcare data is more valuable than credit card data because the information cannot be changed once it is acquired. Unlike a credit care that can be canceled, health care information remains what it is, a data point at a particular time in a persons life.
It is estimated by the FBI that your medical records are worth 10 times (or more) than your credit card numbers. Large amounts of medical data commands a higher payout than the same number of credit cards in short because the data in health records can be used to commit other types of identity theft. There is also evidence that this information has been used to solicit drugs or other medical devices billed to insurance that can be resold. In addition insurance fraud is rampant whereas threat actors will use patient information with false provider numbers and file made up claims. with insurers whom sometimes catch it and sometimes they don't.
We believe the most damaging of these attacks will continue to be ransomware in the near future. Just remember that 40% of all health care organizations have reported criminal cyber activity as reported by the Ponemon Institute think tank.
Learning Institutions Cause Issues