Local: (805)-371-3680 | Toll Free: (800) 240-CHIV
Facebook
Twitter
LinkedIn
YouTube
Chivaroli Insurance Services
  • INSURANCE COVERAGE
    • Healthcare Professional Liability
    • Directors’ & Officers’ Liability
    • Commercial Property
    • Managed Care / Billing / Miscellaneous
    • Employment Practices Liability
    • Difference in Conditions
    • Regulatory Proceedings Errors & Omissions
    • Fiduciary Responsibility
    • Property Terrorism
    • Commercial General Liability
    • Commercial Crime
    • Commercial Automobile
    • Stop Loss Coverage
    • Representations & Warranties
    • Business Owners Package
    • Security & Privacy (Cyber Liability)
    • Workers Compensation
    • Home / Auto / Valuables / Umbrella
  • OTHER SERVICES
    • Credentialing Requests
    • Consulting Services
    • Alternatives
    • Risk Management
    • Wholesale Brokerage
  • RESOURCES
    • Healthcare Resources
    • Insurance Resources
    • Terms & Definitions
  • NEWS
  • ABOUT
  • CONTACT

Healthcare organizations under siege from cyberattacks, study says

February 25, 2014Chivaroli and Associates Insurance ServicesArticle Archives
As seen on the Los Angeles Times
Published 2/19/2014

Add this to the list of things to freak you out: Healthcare organizations of all kinds are being routinely attacked and compromised by increasingly sophisticated cyberattacks.

A new study set to be officially released Wednesday found that networks and Internet-connected devices in places such as hospitals, insurance companies and pharmaceutical companies are under siege and in many cases have been infiltrated without their knowledge.

The study was conducted by Norse, a Silicon Valley cybersecurity firm, and SANS, a security research institute. In the report, the groups found from September 2012 to October 2013 that 375 healthcare organizations in the U.S. had been compromised, and in many cases are still compromised because they have not yet detected the attacks.

In addition to getting access to patient files and information, the attackers managed to infiltrate devices such as radiology imaging software, conferencing systems, printers, firewalls, Web cameras and mail servers.

“What’s concerning to us is the sheer lack of basic blocking and tackling within these organizations,” said Sam Glines, chief executive of Norse. “Firewalls were on default settings. They used very simple passwords for devices. In some cases, an organization used the same password for everything.

“A decent percentage of these firms could have been eliminated from the data set if basic network and security protocol had been followed,” he added.

The surge in attacks comes as hospitals and doctors across the country are using more and more medical devices that are connected to the Internet in some fashion. It’s part of the broader trend known as the “Internet of Things” in which a growing range of devices are being fitted with sensors and Internet connections.

In addition, more patient information is being placed online, in part through the growing network of federal and state health insurance exchanges.

“The pace at which technology has allowed our devices to be connected for ease of use has allowed for a larger attack surface,” Glines said. “More vigilance is required.”

But as the report found, there are often not enough security measures taken to protect these connected devices.

As a result, patient information and privacy can be compromised.

But another troubling aspect is that once attackers gain access to these devices, they can use them to launch attacks on other devices.

Indeed, the report tracked the origin of some of the malicious traffic coming out of medical sites that had been hacked:

“The findings of this study indicate that 7% of traffic was coming from radiology imaging software, another 7% of malicious traffic originated from video conferencing systems, and another 3% came from digital video systems that are most likely used for consults and remote procedures.”

In following the trails of this malicious traffic, Norse found detailed information about the layouts of hospitals and specifications of various lifesaving equipment.

Glines said the vulnerability can be addressed in many cases. But still, he’s worried that healthcare providers may not move quickly enough.

“It’s going to accelerate as we have more and more connected devices,” Glines said. “With more healthcare information coming online, it becomes more valuable and therefore a richer target. We expect to see an uptick of breaches related to healthcare. It’s sort of a perfect storm.”

Tags: cybersecurity, Healthcare
Chivaroli and Associates Insurance Services
Chivaroli & Associates Insurance Services is a full-service brokerage and consulting firm that specializes in the custom design and placement of property and casualty insurance and alternative risk funding solutions for healthcare organizations.
Previous post Top 10 settlements for workplace harassment, discrimination Next post Regulatory reform: Captive insurance companies may no longer be immune

Related Articles

Safeguard Your Patients From Healthcare Data Breaches

November 12, 2014Chivaroli and Associates Insurance Services

Telemedicine effective for PTSD treatment of rural veterans

December 15, 2014Chivaroli and Associates Insurance Services

Healthcare Firms at Risk; Hackers Value Medical Records Over Credit Data

December 19, 2014Chivaroli and Associates Insurance Services

Sign up for News Updates

* = required field

Categories

  • Article Archives
  • General Article
  • Private
  • Uncategorized

Archives

  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • November 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • August 2019
  • July 2019
  • June 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • December 2017
  • November 2017
  • October 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • February 2017
  • January 2017
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • July 2016
  • June 2016
  • May 2016
  • April 2016
  • March 2016
  • February 2016
  • December 2015
  • November 2015
  • October 2015
  • September 2015
  • August 2015
  • July 2015
  • June 2015
  • April 2015
  • February 2015
  • January 2015
  • December 2014
  • November 2014
  • October 2014
  • September 2014
  • August 2014
  • July 2014
  • June 2014
  • May 2014
  • April 2014
  • March 2014
  • February 2014
  • January 2014

Chivaroli and Associates Insurance Services is a full-service brokerage firm specializing in the custom-design and placement of insurance and alternative risk funding solutions for your healthcare organization.

Facebook
Twitter
LinkedIn
YouTube

Contact Us Today

Address:
200 North Westlake Blvd., Suite 101
Westlake Village, CA 91362
Phone:
805-371-3680
E-mail:
mail@chivarolitr.wpengine.com

Resources

Health Care
Insurance
Terms & Definitions
News
About

Policies

Cookie Policy
Disclaimer

Recent News

  • Healthcare Ransomware Attacks are Hurting Care: Survey
  • Hospital ‘Black Boxes’ Look to Aid Operating Rooms
  • Passwords Remain a Top Cybersecurity Weakness
  • Lawmakers Seek New Limits to Travel Nurse Costs
© 2023 All rights reserved. Powered By Insurance Agency Website by Stratosphere