Healthcare most targeted industry by cyber hackers in 2016

When scriptwriters of the popular TV series Homeland had hackers kill the US Vice President by manipulating his pacemaker to induce a heart attack, viewers dismissed it as science fiction.

Next, when former US vice president Dick Cheney got his pacemaker’s wireless capabilities disabled to prevent potential assassination attempts, people called it paranoia.

Now, it’s not science fiction anymore. “Healthcare was the most targeted industry by cyber hackers in 2016, more than finance, government installations, defence and other critical instalments,” Menny Barzilay, CEO, 42 Global, told HT at MEDinIsrael, a conference on medical innovation.

“Since 2008, every year a new medical device is being hacked, which is a very real threat to human life,” said Barzilay.

Israel is at the forefront of cyber security, with companies such as Adallom offering security technology to track patterns and anomalies that could be potential security breaches for remote servers, including those running Microsoft’s or Google’s cloud services.

With hackers moving from finance to the less protected healthcare industry, cyber-security companies are increasingly providing tailor-made solutions to healthcare providers.

“Healthcare is an easier target that provides hackers with a lot of valuable information, including social security numbers and personal data, which can be used for identity and insurance fraud,” said Gilad Zahavi, director of Intelligence Operations at SenseCy, which provides cyber threat intelligence solutions for healthcare.

Health records fetch hackers 10 times more than credit card details on the Dark Web. “Credit card records sell for an average of USD 2, while medical records fetch USD 20 in the black market because credit cards can be cancelled quickly while social security numbers and personal data can be used for identity theft,” says Zahavi.

With the spotlight on hacking threat, the US Food and Drug Administration issued guidelines (https://www.fda.gov/downloads/MedicalDevices/DeviceRegulationandGuidance/GuidanceDocuments/UCM482022.pdf) a little over two months ago for manufacturers to protect internet-connected medical devices against potentially fatal attacks.

Hacking threats to pacemakers, defibrillators, intravenous fluid pumps, scanners and hospital networks has led many start-ups like SenseCy to focus on cyber intelligence tailored for healthcare for more than two years.

“We collect information from all web platforms, including open sources, Dark Web forums, Dark Web marketplaces, mobile applications and closed and hidden social media groups, among others, to issue real-time alerts on leaked data, actionable intelligence on illegal drug and medication trades and insider-threat monitoring,” says Zahavi.

Insiders committed over 43% of all privacy violations of patient health records in 2016 and 59% in January 2017, according to a report by Protenus, which works in patient data security.

The threat of ransomware, a malicious software that blocks access to a computer system until a ransom is paid, usually in bitcoins, also peaked in 2016.

“Along with defence and transportation, healthcare was among the top three sectors most attacked by ransomware,” says Zahavi. “Apart from known families such as Locky, Cerberus and CryptXXX, a staggering number of new families and more than 44,000 new variants known to ransom have emerged over the past year.”

What gives Israel an edge is the several years of experience in elite army intelligence units and proficiency in 14 languages, including Russian, Chinese, Farsi, Arabic and many European ones, besides the analysis, says Barzilay.

“If it’s a device, it’s hackable. Attackers need to be successful once. In security, you have to be successful all the time because if you can’t event an attack, people die,” he says.