Page 19 - index
P. 19
Healthcare IT in state of shock
INTERNET OF THINGS COMPLICATING CYBERSECURITY
by Sam Glines, CEO and Co-founder, Norse
Cybersecurity, patient privacy, and fraud have all been long standing concerns for the
heavily regulated healthcare industry. While the recent data breaches perpetrated against
well known retailers such as Target and Michael’s tend to get most of the headlines, recently
more attention is being focused on healthcare organizations as primary targets of
cybercriminals due to the massive amounts private patient data stored within healthcare
provider networks.
Recent evidence suggests that healthcare organizations are struggling to adapt to adapt
their cyber defenses and internal processes to the more advanced threats and attacks that
have emerged in recent years.
Unfortunately, the rise of the Internet of Things (IoT), mobile computing, and cloud
computing are rapidly expanding the attack surface of most enterprises, and the situation will
only get worse without proper investments in qualified IT security personnel, employee
education and next generation cyber security technologies and solutions.
Recently, we at Norse partnered with the well-respected SANS organization to release the
Norse-SANS Healthcare Cyberthreat Report. This was a solid partnership for both parties.
SANS, through its research analysts dedicated to the study of the effects of cyberattacks on
multiple industries, provides cybersecurity training, certification, and research information to
other organizations, while we at Norse focus on enabling organizations to defend against the
advanced cyberthreats of today and tomorrow through our innovative live threat intelligence
solutions.
Simply put, our common goal in this report was to identify cyberthreats wreaking havoc in
the healthcare IT industry, and inform those being targeted.
Through our live global threat intelligence platform, which is a network of more than six
million sensors and honey pots located in 38 global data centers and 20 major Internet
exchanges, we were able to identify cyberattacks and fraud targeting the healthcare industry
through our continuous collecting and analyzing of high risk Internet traffic.
What we uncovered between September 2012 and October 2013 was, in a word, alarming.
Here are a few of the most frightening malicious activities discovered:
• 49,917 unique, malicious events
• 723 unique, malicious source IP addresses
• 375 U.S.-based. compromised healthcare-related organizations
• Compromised radiology devices
• Compromised VPNs
19 Cyber Warnings E-Magazine – April 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
