Reports raise the possibility of ‘medical zero day’ attacks
According to a new study by the Atlantic Council, the Brent Scowcroft Center on International Security, and Intel Security medical zero day might just be a possibility in the future. The study claims that malicious actors could soon have the same in the health care industry as they do elsewhere. The medical zero day report also says that “we could soon see a booming market in medical zero-day exploits, a security hole known to the attackers and for which there is no defense.”
This means that cyber criminals can potentially gain access to and take control of all medical equipment, including pumps, monitors, regulators, testers, filters, and so on, as well as disrupt important patient data.
Atlantic Council and authors Jason Healey, Neal Pollard, and Beau Woodsalso say that “this is what the future will look like if security officials and health care organizations do not take the correct steps today” and that “hacktivists, thieves, spies, and even terrorists seek to exploit vulnerabilities in information technologies to commit crimes and cause havoc.”
Hackers have already carried out three successful attacks on large health providers in the past year. The first being Community Health, Anthem, and Premera Blue Cross. All companies likely suffered a loss of data. Therefor reassuring that attacks on the medical industry can be lucrative for cyber criminals and dangerous for those affected by these threats.
According to the Department of Health and Human Services and various reports, medical and financial data of more than 120 million people has already been compromised in more than 1,100 separate breaches since the year 2009.