Cyber crooks will go after medical records next
Posted on 03 March 2014.
As security firms and law enforcement agencies continue to cooperate and successfully take down botnets, cyber crooks will be forced to look for new and more lucrative targets, and especially ones that are poorly secured.

In a panel held at the RSA Conference held last week in San Francisco, the Microsoft/Agari team behind the Citadel botnet takedown said that these new targets will likely be in the healthcare industry.

After explaining just how they went about effecting the takedown, they explained the reasoning behind their belief that healthcare IT systems and hospital databases are next in line for data breaches.

Agari CEO Patrick Peterson shared that the price of medical records belonging to a single person might fetch around $60, while a single credit card record is worth a couple of dollars in the underground markets.

He also pointed out that among the industries targeted so far, financial organizations and social networks have worked hard on protecting their customers, and have made cybercriminals' attempts more difficult and, therefore, more costly.

On the other hand, the majority of the healthcare industry has not followed suit.

In addition to all this, medical records give crooks much valuable information about a target that can be misused for mounting effective social engineering attacks, noted Richard Boscovich, assistant general counsel with the Microsoft Digital Crimes Unit.

You might believe that information such as that contained in medical records might be that helpful, but in the hands of skilled social engineers it can turn to gold. "These guys are good, we've seen that happen," commented Boscovich.


The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Thu, Aug 28th