An article in the Feb. 18 Wall Street Journal reported a state of emergency in the Healthcare Industry, which has not kept pace to protect their networks from outside attacks. The WSJ discovered that 4shared.com, a free file sharing website commonly used by hackers, contained sensitive information from three nursing homes in New York. The nursing homes had no idea they had been hacked until they were contacted by the reporter. The malware had likely lived in some of the networks since 2007.
According to the Journal, “A document available on 4shared.com purporting to be from Campbell Hall (Rehabilitation Center) included the brand of firewall, the networking switch, the Internet addresses of wireless access points for 11 rooms, precise blueprints of the facility, the locations of PCs and printers, and the encryption keys, usernames and passwords granting access to the network.”
Once this type information is obtained by criminals, it can be used to install malware that can obtain passwords, medical records, and even access to equipment such as MRIs and dialysis machines, which are regularly updated online.
Security expert Sam Glines said that medical records sell for $60 each on the black market, compared to $20 for a credit card record. Stolen medical records are more lucrative for thieves because they contain patient information that can be used not only to open credit lines, but also for insurance, Medicare and prescription fraud. This greater value will continue to attract entrepreneurial hackers to target Healthcare organizations.
But it’s easy for Healthcare networks to secure their valuable PHI. EdgeWave’s full suite of internet security solutions allow Healthcare organizations to keep pace with increased adoption of electronic medical records while protecting this critical data from cybercriminals.