Relias Media January 1, 2021 – Cyberattack Almost Shuts Down Health System, Shows Need for Security
Executive Summary
A U.S. healthcare system recently was the victim of a cyberattack that hampered patient care. The attack is believed to be the largest such attack on a U.S. healthcare organization.
- Ryuk ransomware apparently was used.
- The attack did not shut down the system’s electronic health records.
- Hackers increasingly are focused on healthcare organizations.
…
Seeing Hospitals as Good Targets
Cyber thieves are attacking healthcare institutions more often and are acquiring more valuable data than in the past, says Steve Tcherchian, chief information security officer at XYPRO, a cybersecurity analytics company in Valley, CA.
When the price of a stolen credit card dropped precipitously because the black market was flooded with them, hackers found a new target in the healthcare industry, he says. On the whole, the healthcare industry has an aging infrastructure that is less resistant to hacking, and industry tends to adopt security precautions more slowly than other potential targets, Tcherchian says.
He says that many medical data breaches are now as big as the largest retail breaches and medical records can be 10 times as valuable as credit cards on the black market.
A patient’s medical history can be the key for a hacker to commit medical identity theft and submit fraudulent insurance claims, which have the potential for big payouts, Tcherchian says. According to IBM Security’s 2020 data breach cost report, the average cost of a healthcare data breach is $7.13 million. Cyber thieves also may use the information to purchase prescription drugs and resell them online, he says.
To read the full article visit Relias Media.
Steve Tcherchian, CISSP, PCI-ISA, PCIP is CEO of XYPRO Technology, a leading provider of mission-critical cybersecurity solutions that protect the digital backbone of industries worldwide. With over 20 years of experience, Steve brings a unique blend of technical expertise, strategic vision, and a customer-first approach that has transformed XYPRO into a top-tier cybersecurity provider, driving record growth and accelerated adoption of its threat detection and compliance solutions across diverse sectors.
A passionate advocate for cybersecurity, Steve is dedicated to demystifying the complexities of the industry and sharing actionable insights on global stages as a sought-after speaker. His contributions extend beyond the podium: as a former member of the ISSA CISO Advisory Council, the X9 Security Standards Committee, the Forbes Tech Council, and as a patent holder, Steve has shaped pivotal cybersecurity standards and innovations that safeguard the world’s most critical workloads.
