Cybercriminals shop for admin access to healthcare portals
A report by cybersecurity firm IntSight identifies hackers are increasingly targeting healthcare institutions with lax security measures. IntSight chief security officer Etay Maor said historically, the healthcare industry has not had as robust security as high profile targets like the financial sector. “Once cybercriminals started realizing that financial institutions are harder targets, they saw that healthcare is extremely useful for all kinds of attacks.”
The report shows that attackers look for SSNs, addresses, and phone numbers to create fake accounts and maintain access into systems. According to Maor, one of the more concerning trends is that attackers are selling administrative access into healthcare systems on the dark web for about $400. Once an attacker gains administrative privileges, the likelihood of detection is very low, which leaves the entire organization at risk.