Page 89 - Cyber Defense eMagazine June 2020 Edition
P. 89

What is the motive?

            First and foremost, the main reason for data breaches is to make a lot of money by selling patient health
            data.  In  deep  web  marketplaces  medical  health  record  is  expected  to  be  worth  hundreds  or  even

            thousand dollars as compared to the credit card or social security number which are around 25 cents and
                                10
            10 cents respectively . Further data can be used to make money by creating duplicate credit cards and
            conducting frauds. Another scenario may be medical identity theft wherein patient’s data can be used by
            someone else for receiving medical treatment, drugs or submitting false claims for medical services.
            Finally,  the  motive  can  be  to  damage  the  healthcare  provider’s  brand  or  business  by  hacking  the

            intellectual property and selling it to the competitors.



            What type of security threats are there?

            Hackers and cybercriminals have been keeping the IT security companies on toes. It will not be wrong to
            say that as compared to organizations they are the ones using new technologies for devising new ways
            to do the crime.



            a)  Ransomware and other malware

            In Nov 2018, two hospitals owned by Ohio Valley Health Services & Education Corporation (Ohio Valley
            Medical Center in Wheeling and East Ohio Regional Hospital in Martins Ferry, Ohio) became the victim

            of ransomware attack. This attack impacted the emergency functions of medical care as they were forced
            to shut down their IT systems.

             “At the moment, our emergency rooms are unable to take patients by E-squads, but we can take patients
                     11
            by walk-in ,” (Karin Janiszewski, director of marketing and public relations for EORH and OVMC, 25 Nov
            2018)

            Ransomware attack in healthcare has serious implications as they can be used to hijack information
            systems as well as the medical devices connected through the network or even shut down the entire
            medical facility until the ransom is paid. Out of all the industries healthcare is one of the top industries

                                           i
            targeted  by  ransomware  attack.  Moreover,  18  percent  of  medical  devices  have  been  the  target  of
                                       ii
            malware attacks in last year .



            10  https://www.forbes.com/sites/mariyayao/2017/04/14/your-electronic-medical-records-can-be-worth-1000-to-
            hackers/#3c11158050cf
            11  http://www.timesleaderonline.com/news/local-news/2018/11/hospitals-patient-information-safe-in-eorh-ovmc-
            computer-attack/



            Cyber Defense eMagazine –June 2020 Edition                                                                                                                                                                                                                         89
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.
   84   85   86   87   88   89   90   91   92   93   94