Healthcare Cyber Attacks On the Rise

By Michael Brown 1

Even as Health Insurance Portability and Accountability Act (HIPAA) regulations take hold, a potentially rewarding vertical market for cloud adoption can be found in healthcare technology. The demand on managed service providers (MSPs) will continue to increase as the industry’s need to secure data storage and cloud-based file sharing grows.

A recent study from security research firm Ponemon found that cyber thieves are costing the U.S. healthcare system an approximate $6 billion annually. Criminal cyber attacks on the healthcare industry have increased a startling 125 percent within the past 5 years, and nearly 90 percent of survey respondents reported having some sort of data breach in the past 2 years.

One of the motivators for cyber thieves to hack healthcare systems is the lucrative nature of the information acquired. According to Bloomberg, thieves can use the information found in healthcare documents to apply for loans and open up lines of credit in the victim’s name. What separates these hackers from typical identity thieves is the medical nature of the information, which allows some to use the victim’s insurance ID to seek free medical care.

Furthermore, crimes are detected much later than normal ID thefts. As Carmine Clementelli, a security expert with PFU systems, suggested, “The main reason medical records are so valuable is largely because health and insurance sector breaches take so long to detect while banking and credit fraud is detected quickly.”

Despite the severity of the issue, there are some simple solutions that could remedy many of the problems. A little less than 50 percent of those surveyed said they did not have the proper personnel with relevant expertise to address the issues of data security. Beyond the lack of personnel to address the issue is the portion of employees without appropriate credentials granted access to information. Sixty-five percent of employees believe they have access to sensitive data not needed to do their job. This lack of responsibility in securing sensitive data – coupled with the lack of technical knowledge on how to fix these issues – is causing millions of people to be victimized by attacks, as well as costing the U.S. government millions of dollars.

Yet, the industry is not without a blueprint for attack prevention.

“The damage can be greatly reduced by managing data-access permissions, making sure employees only have access to the data they need to do their jobs, and by monitoring for unusual activity,” said Yaki Faitelson, co-founder and CEO of Varonis, the sponsor of the report.

This plays right into the hand of MSPs. The government has relaxed restrictions on potential security solutions, creating a promising opportunity for MSPs to introduce cloud storage and file sharing solutions. With companies looking for solutions to their data storage and safety issues, leading MSPs can leverage their knowledge of cloud security to thrive in this progressing market.

Providing these cloud based solutions will not only benefit the developers, but also provide for the common good by creating safety for people’s privacy. In order to take full advantage of this opportunity as an MSP, make sure to keep up with new technologies, regulations and advancements in cyber security.