The latest wave of hospital hacking show that your information and security are at risk. Here’s what you should know about these security breaches.
If you’ve been paying attention to hacking news lately, then you’ve probably noticed that there have been multiple hospitals and health insurance groups that have had major security breaches. (Heck, even the IRS had a security breach recently.) The information of millions of people has been leaked due to these brutal hacker-attacks, and what shocks most people is that these hacks occurred in institutions that we assume are under lock and key.
Sadly, this isn’t the case. Internet security experts, as well as information security experts, believe that hacker attacks on hospitals has actually been happening for quite an embarrassing reason. According to a number of experts, the reason why hackers have begun to release information, breach systems, and cause chaos within the US healthcare system, is because they are actually very easy targets.
Apparently, many hospitals don’t carefully monitor their computers. They also don’t use too much anti-spyware, nor do they use firewalls. To make matters worse, many doctors’ offices and hospitals don’t regularly update their computers. This means that patches and upgrades that fix known security issues remain uninstalled, and are readily open for hackers to take advantage of. Emails between doctors are also at a particularly high risk, as are secretaries who may pass on records to social engineers. The reason this happens is often because hospitals don’t want to spend time or funding updating their computer security systems, and generally assume that as long as they have a simple version of a firewall paired with hard-to-guess passwords, they’ll be fine.
There’s also one last factor that can contribute to the lack of hospital computer security that is much, much more difficult to deal with. Unfortunately, many hospital security breaches were caused by employees and former employees who simply stole the hardware that contained information, or used their privileged access to these systems to grab information.
Unlike other forms of hacking, this not only put people at risk of a major financial loss, it also can have lethal results. Should a hacker decide to go into an online medical record system, switch prescriptions a bit, and actually leave undetected, this can in fact kill the person whose records they hacked. This makes hospital and medical record hacking one of the only potentially deadly forms of hacking known to man.
If you are working in a hospital or doctor’s office, you already know how dangerous a medical information leak can be. Don’t be afraid to take action to encourage your higher-ups to invest in tighter security, screen future employees more heavily, and to keep an eye on any suspicious computer activity that could possibly mean a breach. Lastly, if you notice computer supplies ate missing or have reason to believe that a coworker may be doing something suspicious, alert both your manager and the doctors immediately. By doing so, you might actually save a life.