Before a check-up or an admission, hospitals generally require a patient’s personal and financial credentials, which can be used to scam.
Medical data continues to be among the hottest commodities for attackers online as research by security firm Kaspersky discovered that hacking-for-hire groups have added healthcare sector to their portfolio of services on the dark web. The base price for such a service has also become quite cheap, depending on the type of breach or goods an anonymous customer requires.
Thus, with low security measures, and lack of cybersecurity training to hospital staff, hospital and healthcare infiltrations are among the newest services being offered by anonymous hacking groups. These are alongside targeted attacks and cyberespionage against specific countries as well as infections to gain energy and maritime information.
The dark web is made of anything that is not commonly indexed on the surface web. To be able to get into this hidden part of the web, a user should use a special software such as Tor. Tor stands for “the onion router” and is a method for anonymizing data.
Before a check-up or an admission, hospitals generally require a patient’s personal and financial credentials. Thus, security researcher Seongsu Park noted that medical records are likely to be used for calling scam, identity and monetary theft, as well as blackmailing and any derived crimes. He further added, that they can be considered more valuable than a simple credit card.
The current threats posed against the healthcare sector show how more and more malicious actors are targeting the industry. To be able to help protect these organisations and their patients, Kaspersky names the possible security loopholes and how to build their defences below: