Health Data Increasingly Attractive to Criminals

It contains valuable information such as Social Security numbers and home addresses and thus is worth more to hackers than other types of data.


According to FBI history, when asked why he robbed banks, legendary criminal Willie Sutton responded, “Because that’s where the money is.” Today’s cyber criminals are attacking healthcare networks because that’s where they can gain access to vast stores of personal health information, often left vulnerable by weak security points.

A Brookings Institution report noted that “Healthcare data contains valuable information such as Social Security numbers and home addresses and thus are worth more to hackers than other types of data. Since they can sell these data files for a premium price on the black market, hackers have a strong economic incentive to focus their hacking attacks on the healthcare sector.”

It might surprise you that the network printer, often sitting unattended, is a potential gateway to exploit healthcare data and leave your organization exposed to costly compliance penalties in the event of a breach.

Looks can be deceiving

Although they require relatively little technical skill to use, networked printers and imaging devices are actually very sophisticated computing devices, and may include operating systems, storage media, and software that the average user is unaware of.

Many printers are equipped with software-implemented communications “ports,” each a potential point of vulnerability that criminals can exploit over internet protocols.

That device sitting in the corner may include a software-based File Transfer Protocol (FTP) server. In March 2017, the FBI issued a Private Industry Notification warning that criminals are actively targeting FTP servers “operating in ‘anonymous’ mode and associated with medical and dental facilities to access protected health information (PHI) and personally identifiable information (PII) in order to intimidate, harass, and blackmail business owners.”

According to Security Intelligence, “Anonymous FTP, as it is called, does not require any authentication before granting access to the files on the system. It has long been recommended that a server with this service host only public files. But smaller health care offices may use older, less sophisticated systems that could have been either misconfigured or not properly maintained.”

Not just data at risk

The FBI advises that “Cyber criminals could also use an FTP server in anonymous mode and configured to allow ‘write’ access to store malicious tools or launch targeted cyber attacks.”

The ramifications of this vulnerability extend far beyond capturing data, according to a Dark Reading report: “Companies also run the risk of cyber criminals storing malicious or incriminating content on their server. They can use this as the foundation for a ransomware attack, threatening to publicize their possession of this information unless they pay. A hacker could use an anonymous FTP server to store and sell pirated software, involving the business in selling stolen goods.”
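The two conditions the FBI notification describes, anonymous login and anonymous write access, can be checked on the printers and FTP servers you administer. The Python audit below is an added example, not part of the original article or of any vendor tool; the function names, the probe directory name and the login password string are assumptions chosen for illustration.

```python
import ftplib
import sys
import uuid


def audit_session(ftp):
    """Probe a connected ftplib.FTP-style session for the two conditions the
    FBI notification names: anonymous login, and anonymous write access."""
    result = {"anonymous_login": False, "anonymous_write": False, "leftover": None}
    try:
        ftp.login("anonymous", "audit@example.invalid")  # constructed password
    except ftplib.all_errors:
        return result  # login refused: anonymous mode is off
    result["anonymous_login"] = True

    # Write probe: MKD/RMD on the control channel rather than STOR, so no
    # file content is sent to the device. A refusal here does not prove that
    # uploads are blocked; confirm in the device's own configuration.
    probe = "audit-" + uuid.uuid4().hex[:8]
    try:
        ftp.mkd(probe)
    except ftplib.all_errors:
        return result
    result["anonymous_write"] = True
    try:
        ftp.rmd(probe)
    except ftplib.all_errors:
        result["leftover"] = probe  # cleanup failed: remove this directory by hand
    return result


def audit_host(host, port=21, timeout=5):
    """Return audit_session() for one host, or None if no FTP service answers."""
    ftp = ftplib.FTP(timeout=timeout)
    try:
        ftp.connect(host, port)
    except ftplib.all_errors:
        return None
    try:
        return audit_session(ftp)
    finally:
        try:
            ftp.quit()
        except ftplib.all_errors:
            ftp.close()


if __name__ == "__main__":
    # Pass addresses from your own device inventory on the command line.
    for host in sys.argv[1:]:
        print(host, audit_host(host) or "no FTP service reachable")
```

Any device that reports `anonymous_login: True` should hold only files intended to be public, in line with the long-standing recommendation quoted above; `anonymous_write: True` is the configuration the FBI warns can be used to store malicious tools.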

It should be clear by now that there’s no such thing as a low-risk network-connected device. But there are ways to ensure that your printer is not the weakest link in your network security chain. To learn how to protect your organization from these risks, visit HP Print Security.


Copyright © 2017 IDG Communications, Inc.