Hold on to your stethoscopes: The health care industry was at the top of hackers' wish lists in cyberattacks during 2015, according to IBM data.
According to SecurityWeek News, cyber criminals have the health care industry in their sights, especially via the Shellshock vulnerability — which, according to IBM X-Force's 2016 Cyber Security Intelligence Index, was a major factor in many of 2015's attacks. Shellshock is a vulnerability in the Bash shell, providing compromise potential to systems running on Linux, Solaris and Mac OS. The vulnerability has existed for more than two decades, but it was only in late 2014 that it was publicly disclosed.
The index found that the financial services industry dropped back to third place after being the most targeted industry in 2014, with health care nabbing the top spot and manufacturing surging to second. Fourth place was occupied by government agencies, and transportation came in at fifth place.
Recommended For You
Five of the eight largest breaches in health care since 2010 took place just in the first half of 2015 it said, and during the whole year, more than 100 million health care records were compromised.
Health care organizations should be alarmed by the following statistic: 60 percent of all cyberattacks during 2015 originated via insiders — with many being unwitting dupes of cybercriminals, providing them access to systems, and other just flat-out disregarding their organization's cybersecurity policies. And the criminals aren't only out for money; some of their goals include theft of intellectual property, infliction of physical damage, and even political protest.
Health care cyberattacks can be dangerous on an individual level, since patient data can be corrupted and/or stolen, exposing patients via medical identity theft to potentially life-threatening errors in their medical records or exhausting health care benefits for care received by someone other than themselves.
And theft of patient information can expose doctors and medical firms to possible legal action and can also result in scammers billing insurers, Medicare and Medicaid for millions — which could result in doctors and firms being investigated for fraud and unreported income, even if that income went to a cybercriminal and not to the doctor or practice.
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
