Compliance & Industry Solutions, Health Care, Security Trends/Attacks
Arctic Wolf Networks

It’s no secret that hackers love to go after health institutions. Protected health information also happens to fetch a pretty penny when sold on the dark Web as personally identifiable information. Social Security numbers, names, addresses and in some cases payment information can all be used to perpetrate identity theft.

However, the most recent string of health care cyberattacks proves that there is no depth hackers won’t sink to for a quick payday. Fresh off the heels of a ransomware hostage incident at the Hollywood Presbyterian Medical Center, cyberattackers breached an oncology organization that operated more than 145 cancer treatment centers throughout the United States. New reports suggest that millions of patients may have been affected.

What happened:

21st Century Oncology was advised of a possible data breach in November 2015 by the FBI, but was asked to avoid making an announcement so as not to interfere with the investigation, according to Reuters. Upon closer inspection, the FBI confirmed that a breach had occurred in October, and that names, Social Security numbers, insurance data and diagnostic and treatment information for some patients were included in the affected database.

Recently, 21st Century Oncology notified 2.2 million current and former patients that their information may have been compromised as a result. Those who were potentially affected will be offered identity-theft protection services in the aftermath.

No end in sight for health care

It was bad enough in 2015 when hackers targeted large insurance providers such as Anthem and Premera. However, the two most recent victims or cyberattacks were a hospital and a company that operates treatment facilities for cancer patients, respectively. The message here is clear: It’s not beneath hackers to deliberately strike facilities that are intended to treat the sick. Nevertheless, it’s a tactic that continues to catch many medical institutions off guard.

A recent Ponemon Group report found that there is approximately one cyberattack against the health care industry every month, and that 13 percent of organizations don’t actually know how many breaches may have occurred. Meanwhile, 26 percent of health organizations said they can’t be sure if patient data has been exposed or not in the past year.

This much is known: The health care industry has continually been bombarded by hackers, and the probability that there are several breaches in progress unbeknownst to medical institutions is frighteningly high. According to  Health Care IT News, cybercrime is expected to increase throughout the health care sector in 2016. Based on the year so far, these projections appear to be coming to fruition, and in a scary way.

Better threat intelligence: SOC-as-a-service provides a ray of hope

The good news is that Health Care IT did predict that threat intelligence would improve in 2016, mainly out of necessity. Specifically, the report quoted Dr. Larry Ponemon, founder of the Ponemon Institute, as saying that network intelligence and surveillance will continue to progress “at a good clip” and that “we will continue to improve our ability to use advanced analytics to identify anomalies.”

“Cyberthreat detection is half the battle.”

There are various forms of cybersecurity on the market that are dedicated to doing exactly what Ponemon described above, not the least of which is a security operation center. Unlike traditional SIEM software, modern SOC-as-a-service offerings are deployed and operated by dedicated security engineers. These highly trained professionals constantly monitor the network for any indication of unusual activity. They also assess the general security of the network, which means that in addition to improving cyberthreat intelligence, they can help a health care organization enhance its overall cybersecurity strategy.

As already mentioned, cyberthreat detection is half the battle for a sizable chunk of health care organizations. In the case of the 21st Century Oncology breach, the FBI was responsible for detecting the intrusion. This has become all too common in industries across the board.

Nevertheless, if Ponemon is correct in his prediction that threat intelligence will be a focus area for improvement in the year ahead, organizations in the health care industry may be able to tip the scales in what is increasingly looking like a full-scale cyberwar between medical institutions and hackers.

Arm your organization today with SOC-as-a-service.