68°F
weather icon Cloudy
Las Vegas, NV
Nation and World

Targeting medical records becoming a trend for cybercriminals

Computer (Thinkstock)
More Stories
Law enforcement work the scene after a shooting at Laney College in Oakland, Calif., on Thursda ...
College football coach from ‘Last Chance U’ dies after being shot, police say
Rescuers work on the scene of a building damaged after a Russian attack in Kyiv, Ukraine, on Fr ...
Russian drone, missile attack on Kyiv kills 6, injures at least 35
This image provided by PepsiCo shows from left, shows original Doritos Nacho cheese chips next ...
Doritos and Cheetos dialing back the bright orange
Transportation Secretary Sean Duffy speaks alongside Vice President JD Vance about the impact o ...
California revokes 17K commercial driver’s licenses for immigrants
By JEREMY WAGSTAFF REUTERS
June 5, 2015 - 9:43 am
 

SINGAPORE — Whoever was behind the latest theft of personal data from U.S. government computers, they appear to be following a new trend set by cybercriminals: targeting increasingly valuable medical records and personnel files.

This data, experts say, is worth a lot more to cybercriminals than, say, credit card information. And the Office of Personnel Management (OPM) breach revealed on Thursday suggests cyberspies may now also be finding value in it.

Cyber investigators from iSight Partners said they had linked the OPM hack to earlier thefts of healthcare records from Anthem Inc, a health insurance company, and Premera Blue Cross, a healthcare services provider. Tens of millions of records may have been lost in those attacks.

All three breaches have one thing in common, said John Hultquist of Dallas-based iSight. While cyberespionage usually focuses on stealing commercial or government secrets, these attacks targeted personally identifiable information.

The stolen data “doesn’t appear to have been monetized and the actors seem to have connections to cyberespionage activity”, said Hultquist, adding that none of the data taken in the earlier attacks had turned up for sale on underground forums.

A source close the matter said U.S. authorities were looking into a possible China connection to the breach at OPM, which compromised the personal data of 4 million current and former federal employees.

Several U.S. states were already investigating a Chinese link to the Anthem attack in February, a person familiar with the matter has said.

China routinely denies involvement in hacking, and on Friday a spokesman for the Foreign Ministry in Beijing said suggestions it was involved in the OPM breach were “irresponsible and unscientific”.

Hultquist said iSight could not confirm that China was behind the attacks, but similar methods, servers and habits of the hackers pointed to a single state-sponsored group.

BLACK MARKET FLOODED

Security researchers say that medical data and personnel records have become more valuable to cybercriminals than credit card data.

The price of stolen credit cards has fallen in online black markets, in part because massive breaches have spiked supply.

“The market has been flooded,” said Ben Ransford, co-founder of security start-up Virta Laboratories.

The result: medical information can be worth 10 times as much as a credit card number.

Fraudsters use this data to create fake IDs to buy medical equipment or drugs that can be resold, or they combine a patient number with a false provider number and file made-up claims with insurers.

State-sponsored hackers may not be after money, but would also be interested in such data because they could then build a clearer picture of their target.

That, said Philip Lieberman of security software company Lieberman Software, would increase the chances of any targeted email attack, or spear phish, successfully obtaining confidential data.

Others said that, given the data affected included job histories, those targets might be in other government departments. “It’s likely this is less about money and more about gaining deeper access to other systems and agencies,” said Mark Bower of HP Security Voltage, a data security company.

This interest in more granular data is pushing hackers of all stripes into more inventive ways of penetrating the defenses of hospitals and other institutions holding such data.

TrapX, a cybersecurity company, said it had discovered criminal gangs from Russia and China infecting medical devices such as X-Ray systems and blood gas analyzers to find their way into servers from which they stole personnel and patient data.

Other security researchers agreed this kind of attack was becoming more common.

Billy Rios, founder of security company Laconicly, said he had found infected systems while working with several healthcare organizations. “Clinical software is riddled with security vulnerabilities,” he said.

A survey by think-tank the Ponemon Institute issued last month said that more than 90 percent of healthcare organizations surveyed had lost data, most of it to hackers.

“This is going to get worse before it gets better,” said Carl Wright, of TrapX, which discovered the breaches via medical devices.

MOST READ
Don't miss the big stories. Like us on Facebook.
THE LATEST
This image provided by PepsiCo shows from left, shows original Doritos Nacho cheese chips next ...
Doritos and Cheetos dialing back the bright orange
By Dee-Ann Durbin Associated Press

Doritos and Cheetos are getting a makeover. PepsiCo said Thursday it’s launching toned-down versions of its bright orange snacks that won’t have any artificial colors or flavors.

Transportation Secretary Sean Duffy speaks alongside Vice President JD Vance about the impact o ...
California revokes 17K commercial driver’s licenses for immigrants
By Josh Funk The Associated Press

California plans to revoke 17,000 commercial driver’s licenses given to immigrants after discovering the expiration dates went past when the drivers were legally allowed to be in the U.S., state officials said Wednesday.

President Donald Trump signs the funding bill to reopen the government, in the Oval Office of t ...
Trump signs government funding bill, ending shutdown
By Kevin Freking, Joey Cappelletti and Matt Brown Associated Press

President Donald Trump signed a government funding bill Wednesday night, ending a shutdown that caused financial stress for federal workers who went without paychecks, stranded scores of travelers at airports and generated long lines at some food banks.

President Donald Trump speaks during a cabinet meeting at the White House, Thursday, Oct. 9, 20 ...
Epstein emails say Trump ‘knew about the girls’ and spent time with a victim
By Michael R. Sisak and Eric Tucker Associated Press

Disgraced financier Jeffrey Epstein wrote in a 2011 email that Donald Trump had “spent hours” at Epstein’s house with a victim of sex trafficking and said in a separate message years later that Trump “knew about the girls,” according to communications released Wednesday.

President Donald Trump speaks to reporters after Vice President JD Vance swore in U.S. Ambassad ...
What to know about Trump’s plan to give Americans a $2K tariff dividend
By Paul Wiseman Associated Press

President Donald Trump boasts that his tariffs protect American industries, lure factories to the United States, raise money for the federal government and give him diplomatic leverage. Now, he’s claiming they can finance a windfall for American families, too

A Southwest Airlines plane taxis down the runway as others sit at gates at Baltimore/Washington ...
US flight cancellations will likely drag on even after shutdown ends
By Rio Yamat and Josh Funk Associated Press

Air travelers should expect worsening cancellations and delays this week even if the government shutdown ends, as the Federal Aviation Administration rolls out deeper cuts, officials said.

MORE STORIES