Chinese Hackers Hit Community Health System - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Comments
Chinese Hackers Hit Community Health System
Threaded  |  Newest First  |  Oldest First
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/18/2014 | 4:53:05 PM
More insight

Here's another comment I received after filing the story:

Even in large complex organizations, the threat of data breaches is determined by the weakest link, which may be a small organization that is a business partner. With healthcare organizations increasingly adopting electronic medical record systems and automating transaction processes, we may see more frequent and  disruptive breaches in this sector, at a time when healthcare organizations are trying to get patients, physicians and partners to adopt electronic records and processes.

 

So healthcare CEOs have to recognize that effective information security management is crucial, not just internally but also in processes involving external stakeholders and open networks.

 

Professor Amit Basu

Carr P. Collins Chair in MIS

Chairman, ITOM Department

Cox School of Business

Southern Methodist University

Ariella
100%
0%
Ariella,
User Rank: Author
8/18/2014 | 5:23:01 PM
Re: More insight
@Alison yes, it really is critical that there not be any weak spots.
danielcawrey
50%
50%
danielcawrey,
User Rank: Ninja
8/18/2014 | 5:37:29 PM
Re: More insight
Not promising news. Unfortunatley, there is a lot of low-hanging fruit for cybertheives to target. There's a financial incentive for this – because this type of information is value on certain markets.

Hopefully healthcare providers can find solutions to make these types of intrusions harder to perform. 
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/19/2014 | 9:21:18 AM
Re: More insight
It puzzled me that these hackers reportedly didn't steal either credit data or PHI, but took only other personal info (like SSNs, addresses, and ages). Of course, this information is useful and valuable to cyberthieves but it makes me wonder whether they just happened across CHS, vs. it being a primary target. I'd also love to know more about how the malware was installed, although i suspect (and this is only a guess) it may have entered via social engineering. 
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/18/2014 | 5:37:54 PM
The Insurance Angle
I wonder whether the insurance companies that offer cybersecurity coverage can play a bigger role in encouraging healthcare organizations to invest more heavily and appropriately in security? I'm not saying that's the case at CHS, but some organizations spend very few dollars or other resources on securing data, networks, physical devices -- despite all the dire warnings coming from multiple sectors, including those without any monetary gain (but lots to lose). Just as your insurance decreases when you install a home alarm system or take a driver's ed class, you'd think rates for cybersecurity insurance could be cut substantially when organizations take multiple proactive steps to reduce risk. Anyone have more insight into this aspect?
progman2000
50%
50%
progman2000,
User Rank: Ninja
8/27/2014 | 7:12:31 AM
Not surprising
This doesn't really surprise, as pointed out in the article Patient Data is kept far less secure that retail/banking data and that stuff seems to get breached weekly.  The thought of what a Chinese hacking group wants with a bunch of patient data scares the @$#% out of me though...


The State of Cloud Computing - Fall 2020
The State of Cloud Computing - Fall 2020
Download this report to compare how cloud usage and spending patterns have changed in 2020, and how respondents think they'll evolve over the next two years.
News
Can Cloud Revolutionize Business and Software Architecture?
Joao-Pierre S. Ruth, Senior Writer,  1/15/2021
Slideshows
10 IT Trends to Watch for in 2021
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/22/2020
News
How CDOs Can Build Insight-Driven Organizations
Jessica Davis, Senior Editor, Enterprise Apps,  1/15/2021
Register for InformationWeek Newsletters
Video
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll