Health Care Data Attractive Target
Andrew Barratt is vice president of Coalfire. He said health care data is a fairly attractive target that’s usually sold, and then used to mount fraudulent claims.
“Unless those congresspeople had divulged their health care network openly somewhere, it’s probable that they’re just victims in this the same as everyone else affected,” he said. “However, it could have been deliberate, but seems a very roundabout way to take on a congressperson. Typically a spear phishing or catphishing exercise would be done against valuable targets rather than a huge land grab.”
The FBI is often engaged in these sort of large-scale offenses, Barratt said. It puts more of a lens on it in case there is some nation-state support involved.
“If there had been credit card data and other monetary instruments exposed, they might have felt the wrath of both the FBI and the Secret Service,” he said. “Both, unbeknown to many, are very active in supporting the nation’s defenses against cybercrime.”
The threat actor(s) will likely try to monetize the data in pockets, Barratt said.
“Depending on the structure of the data and if there are ‘canaries’ in the data, it may well be carved up and ‘washed’ with other data sets making the origins difficult to establish,” he said. “This is where data canaries can be useful. These are records that are left in the underlying data structure – that appear on the surface to be valid – a sort of John Doe if you will – but that have specific characteristics deliberately randomized and made unique that they can be used to attribute a block of data to a probable source.”
