Data has become one of the major currencies in the modern world. It’s gathered in vast amounts and used by companies to make market predictions, adapt their own behavior and, primarily, discover what it is that people like, want and do. It’s also one of the largest motivations for the development of machine learning, where a computer which can handle the vast amounts of data flying around and spot patterns in minutes which would take mathematicians and statisticians months. Data is, therefore, valuable.
However, it is only in recent years that people have identified and responded to the potential threats that fast-moving data and its potential uses has on people. Legislation is only being introduced in the past couple of years to stop data abuse.
One of the most important fields for data usage is the medical field, where past treatments, prescriptions, and medical notes can all be crucial in helping a patient. Health records are as at risk as most other data types, the question becomes, why do hackers want health data? So here are a few steps for understanding why it is that hackers might be targeting your medical records for.
Health Data Is Easy To Get
Before getting into why this type of data is specifically of value to a data hacker it’s worth discussing the other side to why it is appealing. Data theft is not necessarily as complex as you think and could simply involve taking data out of a hospital. But, on both a physical and a cyber sense, healthcare data is very vulnerable.
Hospitals haven’t typically invested much in physical security, let alone cybersecurity. So, one of the biggest draws for data thieves is that there are huge amounts of data at their fingertips, since traditionally it’s been so poorly defended. That has been adjusted somewhat in recent years, since data theft and the potential benefits to hackers who can get their hands-on data have both been under the spotlight. Nevertheless, it’s worth knowing this.
It’s Personal Data On Nearly Everyone
Data, as I mentioned, is everywhere nowadays. But it is usually very specific, and it doesn’t paint all that much of a vivid picture of the person whose data it is. Most of the time, hackers don’t care about this: if they can sell it, that’s good enough. But health data has a unique appeal in that it is almost impossible to live in a first world country and not have files and files of information about your medical situation. So, there are almost limitless amounts of highly personal data existing for everyone everywhere, which can also help hackers target more efficiently.
One of the biggest motivations for hackers to target medical data is the ‘potential’ concept, which is that, even if it isn’t immediately clear at the time what use the medical records are of financially, there will likely come a time when they can make money off previous hacks. Cyber-theft is a relatively new concept and one which people learn more and more about every day, so it goes without saying that the criminals behind them are able to find more and more ways to cash in on their crimes. Perpetrating a healthcare data hack today could make them millions tomorrow.
Healthcare Data Contains Other Data As Well
If you really stop and think about what ‘healthcare data’ means, you begin to get a pretty good insight into its value. Healthcare data is deeply diverse in its contents, so cracking into a single individual’s data could lead a criminal to very valuable gains. Healthcare data will likely contain a combination of birth date, addresses, legal names, illness records, billing information even, in some instances, social security numbers. This is a wealth of data to be gathered in one strike and with endless possibilities of what could have been left ‘on file’ in a hospital, you can be sure that this particular type of data makes for a ripe target for cyber criminals looking to cash in on the value of data.
Specific Individual Extortion
This is somewhat more rare, but it certainly happens and when it does it can be very damaging. Much like the iCloud hacks of a few years ago, hackers are always likely to be on the lookout for sensitive data, personal information, photos etc. In particular, if this data relates to people who have a public profile, politicians, celebrities and the like, there can be a potential for holding the data ransom. This would mean letting that person know that if they aren’t able to pay the ransom that sensitive data will be released to the public. Healthcare data is so potentially sensitive that letting it go into the wrong hands could make your life really tricky.
Company Data Extortion
Particularly in America, where hospitals function like businesses, reputation is really important to a successful medical practice. A leak is terrible for a hospital’s PR, and a data leak of all their patients’ records could potentially kill their business. This makes it very important for hospitals to secure their data. If a hacker gets all of these sensitive files, they may use a similar concept to above to make the hospital pay to avoid the embarrassment and damage of losing sensitive files. The hackers can always leak some of the files to prove they are a legitimate threat to the company’s clients. Not only is this a disaster on the individual client-based level, it can set a terrible precedent for other healthcare providers as well.
Cybercrime is, in general, something that people are only just getting a really strong handle on. Cybercrime relating to data is an even more uncertain field. One of the biggest threats in the end is actually the unknown: there simply is no limit to what evils could be perpetrated by criminals able to take whole medical record databanks. Hopefully, as time goes on, medical providers will invest energy into protecting against these sorts of vulnerabilities.