Chinese Hackers Hit Community Health System - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Comments
Chinese Hackers Hit Community Health System
Newest First  |  Oldest First  |  Threaded View
progman2000
50%
50%
progman2000,
User Rank: Ninja
8/27/2014 | 7:12:31 AM
Not surprising
This doesn't really surprise, as pointed out in the article Patient Data is kept far less secure that retail/banking data and that stuff seems to get breached weekly.  The thought of what a Chinese hacking group wants with a bunch of patient data scares the @$#% out of me though...
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/19/2014 | 9:21:18 AM
Re: More insight
It puzzled me that these hackers reportedly didn't steal either credit data or PHI, but took only other personal info (like SSNs, addresses, and ages). Of course, this information is useful and valuable to cyberthieves but it makes me wonder whether they just happened across CHS, vs. it being a primary target. I'd also love to know more about how the malware was installed, although i suspect (and this is only a guess) it may have entered via social engineering. 
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/18/2014 | 5:37:54 PM
The Insurance Angle
I wonder whether the insurance companies that offer cybersecurity coverage can play a bigger role in encouraging healthcare organizations to invest more heavily and appropriately in security? I'm not saying that's the case at CHS, but some organizations spend very few dollars or other resources on securing data, networks, physical devices -- despite all the dire warnings coming from multiple sectors, including those without any monetary gain (but lots to lose). Just as your insurance decreases when you install a home alarm system or take a driver's ed class, you'd think rates for cybersecurity insurance could be cut substantially when organizations take multiple proactive steps to reduce risk. Anyone have more insight into this aspect?
danielcawrey
50%
50%
danielcawrey,
User Rank: Ninja
8/18/2014 | 5:37:29 PM
Re: More insight
Not promising news. Unfortunatley, there is a lot of low-hanging fruit for cybertheives to target. There's a financial incentive for this – because this type of information is value on certain markets.

Hopefully healthcare providers can find solutions to make these types of intrusions harder to perform. 
Ariella
100%
0%
Ariella,
User Rank: Author
8/18/2014 | 5:23:01 PM
Re: More insight
@Alison yes, it really is critical that there not be any weak spots.
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/18/2014 | 4:53:05 PM
More insight

Here's another comment I received after filing the story:

Even in large complex organizations, the threat of data breaches is determined by the weakest link, which may be a small organization that is a business partner. With healthcare organizations increasingly adopting electronic medical record systems and automating transaction processes, we may see more frequent and  disruptive breaches in this sector, at a time when healthcare organizations are trying to get patients, physicians and partners to adopt electronic records and processes.

 

So healthcare CEOs have to recognize that effective information security management is crucial, not just internally but also in processes involving external stakeholders and open networks.

 

Professor Amit Basu

Carr P. Collins Chair in MIS

Chairman, ITOM Department

Cox School of Business

Southern Methodist University



The State of Cloud Computing - Fall 2020
The State of Cloud Computing - Fall 2020
Download this report to compare how cloud usage and spending patterns have changed in 2020, and how respondents think they'll evolve over the next two years.
Slideshows
10 Ways to Transition Traditional IT Talent to Cloud Talent
Lisa Morgan, Freelance Writer,  11/23/2020
News
What Comes Next for the COVID-19 Computing Consortium
Joao-Pierre S. Ruth, Senior Writer,  11/24/2020
News
Top 10 Data and Analytics Trends for 2021
Jessica Davis, Senior Editor, Enterprise Apps,  11/13/2020
Register for InformationWeek Newsletters
Video
Current Issue
Why Chatbots Are So Popular Right Now
In this IT Trend Report, you will learn more about why chatbots are gaining traction within businesses, particularly while a pandemic is impacting the world.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll