Despite being the most at-risk and perpetually breached critical infrastructure sector in the Nation, virtually all health sector organizations refuse to evolve their layered security to combat a hyper evolving threat landscape. As a result, when a healthcare system is breached and patient records are stolen, the entire brutal impact of the incident that resulted from poor cybersecurity on behalf of the healthcare organization is forced onto the shoulders of the victim to deal with for the rest of their life.
In this report, entitled “Your Life, Repackaged and Resold: The Deep Web Exploitation of Health Sector Breach Victims”, the Institute for Critical Infrastructure Technology (ICIT) is lifting the veil on how adversaries utilize Deep Web marketplaces and forums to buy and sell exploits, services and electronic health records. Specifically, this report includes:
- Screenshots of actual Deep Web markets and forums where exploits and electronic health records are sold and bartered
- An analysis of why attacks against the health sector are so prevalent and how apathy on the part of health sector executives is empowering the adversary
- A primer of the Deep Web and the most popular market places and forums for EHRs
- A discussion on the impact stolen EHRs have on victims including the likelihood of exploitation, the fiscal cost to individual victims, the physical toll of EHR exploitations, and an analysis of high risk victims
ICIT will host a Senate briefing on this publication in Washington D.C. on September 22, 2016: click here for more details and to register
This report was authored by James Scott (Sr. Fellow, ICIT) and Drew Spaniel (Researcher, ICIT).
This report has Thought Leadership Contributions from the Following Experts:
- Carl Leonard, ICIT Contributor & Principal Security Analyst, Forcepoint
- Robert Lord, ICIT Fellow & CEO, Protenus
- Jim Walter, ICIT Contributor & SPEAR Researcher, Cylance
Purchase this Report HERE