Cyber crooks will go after medical records next
Posted on 03 March 2014.
As security firms and law enforcement agencies continue to cooperate and successfully take down botnets, cyber crooks will be forced to look for new and more lucrative targets, and especially ones that are poorly secured.

In a panel held at the RSA Conference held last week in San Francisco, the Microsoft/Agari team behind the Citadel botnet takedown said that these new targets will likely be in the healthcare industry.

After explaining just how they went about effecting the takedown, they explained the reasoning behind their belief that healthcare IT systems and hospital databases are next in line for data breaches.

Agari CEO Patrick Peterson shared that the price of medical records belonging to a single person might fetch around $60, while a single credit card record is worth a couple of dollars in the underground markets.

He also pointed out that among the industries targeted so far, financial organizations and social networks have worked hard on protecting their customers, and have made cybercriminals' attempts more difficult and, therefore, more costly.

On the other hand, the majority of the healthcare industry has not followed suit.

In addition to all this, medical records give crooks much valuable information about a target that can be misused for mounting effective social engineering attacks, noted Richard Boscovich, assistant general counsel with the Microsoft Digital Crimes Unit.

You might believe that information such as that contained in medical records might be that helpful, but in the hands of skilled social engineers it can turn to gold. "These guys are good, we've seen that happen," commented Boscovich.


eBook: Cybersecurity for Dummies

Posted on 16 December 2014.  |  APTs have changed the world of enterprise security and how networks and organizations are attacked. These threats, and the cybercriminals behind them, are experts at remaining hidden from traditional security while exhibiting an intelligence, resiliency, and patience that has never been seen before.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Dec 19th