The latest study by Insights, an enterprise threat management platform provider, unveiled a startling number of healthcare information is openly accessible on the internet due to open and misconfigured databases.
Although loads of interest is being centered on the risk of cyberattacks on healthcare devices as well as ransomware attacks, a primary reason why hackers shoot for healthcare organizations is to take patient information. Healthcare information is particularly valuable because it may be employed for a lot of nefarious purposes including identity theft, tax scam and medical identity theft. Healthcare information also has a lengthy lifespan – much longer as compared to credit card data. The inability to sufficiently protect healthcare information is making it overly easy for cyber criminals to succeed.
Using the cloud allows healthcare organizations to reduce the costs of pricey in-house data servers. Although cloud service providers possess all the required safety measures to keep sensitive information secure, those safety measures must be turned on and configured properly.
Healthcare companies that transferred their data to the cloud have more attack surface, but a sizeable percentage haven’t appropriately mastered the risks leaving healthcare information exposed.
The problem isn’t the usage of the cloud, but “a deficiency of process, training, and cybersecurity guidelines,” as stated by Insights. The problem is likewise not limited to the healthcare sector, since other industry sectors encounter the same issues, however healthcare companies face increased risks as hackers are looking for healthcare information.
The Insights report focuses on vulnerable healthcare databases which are more and more targeted by hackers because of the huge volumes of useful information that can be acquired and the simplicity of accessing those databases. A lot are left utterly exposed. Hackers only need to realize where to look.
The researchers of Insights looked at two frequently used technologies for managing medical data and popular commercially available databases. The researchers sought to prove just how quick it is to locate healthcare information. They did not use any hacking technique to locate the exposed data. They just used Google and Shodan searches, technical documents, subdomain enumeration, and intelligent guesses.
After 90 hours, out of 50 databases, 15 were identified as exposed databases containing 1.5 million health data. That shows a rate of 16,667 medical records exposed per hour. If each medical record is priced $1 on the black market, that would suggest that a full-time hacker could possibly earn $33 million annually. Insights estimated that about 30% of healthcare databases are open on the internet.
The Insights researchers discovered healthcare information at rest and in transit. The researchers found open Elasticsearch databases using the Shodan search engine. One database stored the medical records of 1.3 million patients from a big healthcare clinic in a large European capital city. The researchers also discovered a misconfigured MongoDB database utilized by a Canadian healthcare service provider.
Besides databases, the researchers noticed one healthcare company was utilizing vulnerable SMB services despite the fact that the latest WannaCry attacks and one U.S hospital was utilizing an open FTP server. FTP’s generally hold records and backup data and remain open to permit backup to a remote website. It may be an overlooked backup procedure left exposed by IT that the hospital does not know is out there.
Healthcare finances are limited, so healthcare organizations should very carefully balance ease of access and security.