Cyber crooks will go after medical records next
Posted on 03 March 2014.
As security firms and law enforcement agencies continue to cooperate and successfully take down botnets, cyber crooks will be forced to look for new and more lucrative targets, and especially ones that are poorly secured.


In a panel held at the RSA Conference held last week in San Francisco, the Microsoft/Agari team behind the Citadel botnet takedown said that these new targets will likely be in the healthcare industry.

After explaining just how they went about effecting the takedown, they explained the reasoning behind their belief that healthcare IT systems and hospital databases are next in line for data breaches.

Agari CEO Patrick Peterson shared that the price of medical records belonging to a single person might fetch around $60, while a single credit card record is worth a couple of dollars in the underground markets.

He also pointed out that among the industries targeted so far, financial organizations and social networks have worked hard on protecting their customers, and have made cybercriminals' attempts more difficult and, therefore, more costly.

On the other hand, the majority of the healthcare industry has not followed suit.

In addition to all this, medical records give crooks much valuable information about a target that can be misused for mounting effective social engineering attacks, noted Richard Boscovich, assistant general counsel with the Microsoft Digital Crimes Unit.

You might believe that information such as that contained in medical records might be that helpful, but in the hands of skilled social engineers it can turn to gold. "These guys are good, we've seen that happen," commented Boscovich.











Spotlight

Lessons learned developing Lynis, an open source security auditing tool

Posted on 15 October 2014.  |  Lynis unearths vulnerabilities, configuration errors, and provides tips for system hardening. It is written in shell script, installation is not required and can be performed with a privileged or non-privileged account.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 17th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //