DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

SANS "Health Care Cyberthreat Report"

Posted on February 21, 2014 by Dissent

Virtually all software, applications, systems and devices are now connected to the Internet. This is a reality that cybercriminals recognize and are actively exploiting.

Some 94 percent of medical institutions said their organizations have been victims of a cyber attack, according to the Ponemon Institute. Now, with the push to digitize all health care records, the emergence of HealthCare.gov and an outpouring of electronic protected health information (ePHI) being exchanged online, even more attack surfaces are being exposed in the health care field.

A SANS examination of cyberthreat intelligence provided by Norse supports these statistics and conclusions, revealing exploited medical devices, conferencing systems, web servers, printers and edge security technologies all sending out malicious traffic from medical organizations. Some of these devices and applications were openly exploitable (such as default admin passwords) for many months before the breached organization recognized or repaired the breach.

The intelligence data that SANS examined for development of this report was specific to the health care sector and was collected between September 2012 and October 2013. The data analyzed was alarming. It not only confirmed how vulnerable the industry had become, it also  revealed how far behind industry-related cybersecurity strategies and controls have fallen.

Get the full SANS report, “Health Care Cyberthreat Report,” here.

Category: Health Data

Post navigation

← MI: Data breach at Tadych’s Econofoods in Marquette
Kenerson Associates notifies employees of breach at payroll processor, BenefitMall →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes
  • Cocospy stalkerware apps go offline after data breach
  • Ex-NSA bad-guy hunter listened to Scattered Spider’s fake help-desk calls: ‘Those guys are good’
  • Former Sussex Police officer facing trial for rape charged with 18 further offences relating to computer misuse
  • Beach mansion, Benz and Bitcoin worth $4.5m seized from League of Legends hacker Shane Stephen Duffy
  • Fresno County fell victim to $1.6M phishing scam in 2020. One suspected has been arrested, another has been indicted.
  • Ransomware Attack on ADP Partner Exposes Broadcom Employee Data
  • Anne Arundel ransomware attack compromised confidential health data, county says
  • Australian national known as “DR32” sentenced in U.S. federal court
  • Alabama Man Sentenced to 14 Months in Connection with Securities and Exchange Commission X Hack that Spiked Bitcoin Prices

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Police secretly monitored New Orleans with facial recognition cameras
  • Cocospy stalkerware apps go offline after data breach
  • Drugmaker Regeneron to acquire 23andMe out of bankruptcy
  • Massachusetts Senate Committee Approves Robust Comprehensive Privacy Law
  • Montana Becomes First State to Close the Law Enforcement Data Broker Loophole
  • Privacy enforcement under Andrew Ferguson’s FTC
  • “We would be less confidential than Google” – Proton threatens to quit Switzerland over new surveillance law

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.