HelpNet Security: In general, the healthcare industry is proving lucrative for cybercriminals because medical data can be used in multiple ways, for example fraud or identify theft. by Bogdan Botezatu
'This personal data often contains information regarding a patient’s medical history, which could be used in targeted spear-phishing attacks.
'Cybercriminals have found medical data to be far more valuable than credit card fraud or other online scams. This is because medical information contains everything from a patient’s medical history to their medical prescriptions, and hackers are able to access this data via network-connected medical devices, now standard in hi-tech hospitals. This is opening up new possibilities for attackers to breach a hospital or a pharmaceutical company’s perimeter defences. If a device is connected to the internet and left vulnerable to attack, an attacker could remotely connect to it and use it as gateways for attacking network security.
'The danger is that, because most of these devices are not on segregated networks and are directly connected to other medical computers or life-depending medical hardware, attackers could make their way to servers or databases housing sensitive and confidential patient records. Furthermore, whilst accessing medical data is a serious concern, there’s also the risk of tampering with medical equipment that’s keeping patients properly medicated. In this case, it is likely that future cyber-attacks could lead to the loss of human life.'