Extensive, Valuable Data Makes Healthcare a Popular Target

Healthcare providers have a responsibility to ensure the security and privacy of medical records and patient information as well as to provide reliable, quality healthcare services. However, myriad cyber threats such as ransomware, data breaches, DDoS attacks and more make it challenging to meet these objectives.

The healthcare sector is vulnerable due to the high value of electronic protected health information (ePHI) and financial data. Experian reports that full medical records can command up to $1,000 because they’re an identity thief’s dream: date of birth, place of birth, credit card details, Social Security number, address, and emails. In contrast, Social Security numbers sell for just $1, and credit card information goes for up to $110.

An Easy Mark

And healthcare is a relatively easier industry to attack for three important reasons:

  1. Patient portals provide one-stop access to medical identity, personal information, healthcare records, as well as financial details, all of which criminals can use for identity theft, financial fraud, healthcare fraud, or to sell to other criminals. Unauthorized access and shared credentials also can result in diminished quality of care and misdiagnosis, privacy breach, and compliance risk.
  2. The overall attack surface is huge. Healthcare providers are increasingly using touch-pad computers when seeing patients, for example, plus numerous other personal devices that they bring to work.
  3. Innumerable medical devices are online and often poorly secured. Criminals can purchase these devices on the open market and analyze them for weaknesses and vulnerabilities. Since compromising these devices and holding them for ransom can putlives at risk, healthcare providers are likely to pay a lot and pay quickly.

If a healthcare provider suffers a data breach, especially if it involves healthcare data that could compromise quality of care, patients may turn to another provider. The provider could also be subject to HIPAA compliance violations and breach fines.

Our recent blog post describes the risks in more detail.

Lastline Protects Sensitive Healthcare Data

Accordingly, healthcare providers are looking to Lastline Defender™ to secure sensitive data, improve the productivity of short-handed security teams, and prevent data breaches, including the ability to:

  • Monitor network traffic for lateral movement of threats emanating from compromised systems that do not have corporate security controls, such as web-enabled medical systems and personal devices
  • Protect employee systems from being compromised by malicious attachments (e.g., those designed to steal credentials to critical systems) or links to malicious sites designed to fool users into divulging credentials
  • Monitor healthcare portals for unusual patient behavior that could indicate that an account is compromised
  • Make existing security staff, processes, and products more effective by using high-fidelity threat information generated by Lastline to automate workflows and accelerate and simplify incident response
  • Eliminate false positives and validate alerts generated by other tools, reducing the need to allocate scarce IR staff to conduct manual verification of low-fidelity alerts
  • Visualize the complete attack chain with specific identification of all systems and data affected at each stage, streamlining response and remediation .
Case study: Healthcare Provider
This recorded presentation explains how Lastline’s NDR platform helped to protect a metropolitan healthcare provider from cyber threats. It includes a detailed demonstration of the Lastline software.
Case Study