Hancock Regional Hospital in Greenfield, Indiana, Steve Long was the hospital administrator and was attacked by the Internet earlier this year. For a long time, in order to ensure the safety of his patient four bitcoins were paid to the hacker to redeem hospital stolen information. Now, when Long spends most of his free time talking to other people in the domestic health care industry, he hopes that education can help them avoid becoming victims of similar attacks and these attacks are increasing.
Cyber attack: Hancock District Hospital
According to an interview with CNBC cyber attacks against Long Hospital became possible because criminals obtained a login certificate for a supplier of hardware for one of its information systems, and the group injected malicious Software and encrypt hospital data.
In order to determine the cause and scope of the attack and eliminate the threat, Long and his team recruited Pondurance, a cyber security company based in Indianapolis. Ron Pelletier, co-founder of Pondurance, said that the first task is to contain the intrusion and assess the impact.
The Pondurance experts, along with the FBI, were asked to help pinpoint the origin of the attack. They concluded that there was no easy way to remove encrypted data from the Hancock system and replace it with clean data in the backup.
Because of this fact, Long – who took into account the January flu outbreak and the day of the attack that struck the blizzard in Indiana – decided to from Hackers buy decryption keys. This was achieved through the transfer of four bitcoins, which had sales of more than $13,500 on that day, making the Hancock Regional General Hospital's disbursements reach approximately $55,000.
Pelletier said: "Crime groups are now treating it as a business. "They are planning, they will make sure they understand how they will perform, and then they will set off to see what they can do local. "
Heathcare and computer security incidents
According to data from Chubb, the world's largest publicly traded property and accident insurance company, computer security incidents in the health care sector far exceeded any other industries in the past decade, accounting for 38% of incidents, and the percentage of professional services for 16 incidents And 11% of retail sales. There is a solid reason: Chubb said that the value of personal health information on the black market is about 10 times higher than that obtained by hackers from retailers
Unlike personally identifiable information (which may include names, email addresses and credit card numbers, or social security numbers), healthcare-related information provides a large amount of additional data, including medical records. Chubb experts told CNBC that health insurance ID numbers may also be related to driver's license numbers or financial information.
The biggest problem with stealing such information is that it cannot be repaired immediately. Consumers can close the credit card after a cyber attack but cannot cancel the social security number or change the date of birth. Therefore, hackers can collect patient data and save it as "a greater score along the way," said Chubb's Mike Tanenbaum, who can use it to open illegal bank accounts or steal more information.
More and more health care issues have arisen in the era when US companies have been rigorously scrutinizing their methods of managing consumer data, raising questions about how to use and protect personal information. Last week, Under Armour, a sporting goods retailer, told customers that its MyFitnessPal app was compromised and jeopardized the data of approximately 150 million users.
We Can't Forget Facebook : The social media giant recently used information about approximately 87 million user profiles because it revealed that Cambridge analysts did not correctly obtain data for positioning politics. Advertising and affecting the 2016 US presidential election.
Image Credit Shutterstock