As far as hacking from domestic hackers is concerned, it’s safe to say the medical field is the most vulnerable. Hospitals and health clinics may not have the same kind of information found in prestigious institutions, research centers, and companies that manufacture sensitive, high technology equipment. Hospitals are all about patient information, which can be used for a variety of nefarious reasons. Patient information can be used to blackmail hospitals, the personal data contained in them can be sold, and then there is the old scam known as ransom. Whatever the reason behind medical attacks, one thing for sure is that hospitals and healthcare practitioners need to practice excellent “digital hygiene” to prevent from being on the wrong end of a cyber-attack.
The following are some shocking statistics regarding the poor handling of patient data and its resultant fallout.
- Medical and healthcare facilities are victim to a quarter of all cyberattacks that happen in the world.
- Hospitals wind up paying millions of dollars in fines due to poor data security regarding patients’ info, each year.
- Hacking of medical facilities has been happening since the internet became a reality but grew exponentially since 2010.
- In the US alone, the estimate is that nearly 25 million patients’ information got compromised in 2019.
So, what exactly is happening when a hacker gets his or her hands on patient information. In some cases, they are just looking for social security numbers, which can be very damaging in itself. In other cases, patient health information may be used to blackmail the hospital or even the patient itself. However, in most cases, the data is sold to “third party criminals” for a fee. Asking for a ransom, after taking over the systems of the hospital is also a fairly common tactic.
The London Bridge Plastic Surgery Clinic Case
There was nothing fake about the cyber attack on London Bridge Plastic Surgery (LBPS) a few years ago. The hacking of this prestigious clinic has a familiar sequence of events that seems to be the story behind all hacking attacks. A case that would have made “Jack the Ripper” proud, LBPS is dealing with the consequences of this hack to this day, and it is easily one of the most famous hacks done to a hospital. The notoriety of the attack is partly because the victims were celebrities and other famous people. The hack and its aftermath are as follows.
- The IT department responsible for setting up the computer systems did a job that can only be called amateurish. The mistakes were usual in these cases, such as using default passwords and various other settings that would have made even Sherlock Holmes faceplant into his palm.
- Not surprisingly, the extremely vulnerable systems of LBPS got hacked by the infamous hacker known by the nickname, that sounds like a character from “Lord of the Rings”, “The Dark Overlord,” or TDOL for short.
- TDOL went ahead and stole photos and names of patients that included celebrities and even royalty. He asked for a ransom to return all material and threatened to sell the pictures to the tabloids if LBPS did not comply.
- LBPS stuck to their guns and refused to pay the ransom. TDOL proceeded to sell some of the photos to a tabloid to show that he was serious.
- To this day, LBPS has refused to pay the full ransom money and is continuously having to deal with TDOL and his shenanigans.
SKY ECC Your Guardian Against Medical Attacks
Since the medical field as a whole contains vast amounts of data, that are clustered together in one area, it is uniquely vulnerable for attacks and damage. Once a hacker makes it into the system, he will naturally have lots of sensitive and valuable information at his fingertips. Sure, the LBPS attack was an extreme case, since it is not a typical “hospital”. LBPS is a target-rich environment containing plenty of embarrassing info about a lot of famous people. However, the point is, the hacker knew this, and that is why he went after it. The bottom line is that LBPS did not take necessary precautions. On the other hand, even if they had done better security, a determined hacker can still make it through conventional security means.
It is for all these reasons and more that SKY ECC has built a system that works outside the system. When you have a system in place that the outside world cannot see, therefore, most probably does not know it even exists, a hacker can’t do damage, as long as the users follow the necessary protocols. The following are how SKY ECC can protect a place like a hospital.
- SKY ECC uses its hardware and Internet backbone, such as servers, routers, etc. Only those who are allowed on the system can see messages and other pertinent info. Our messaging devices and app use one of the best encryption technologies, which no one, not even the staff at SKY ECC can decrypt and take a look at the messages.
- Since communication happens on our systems, any info regarding patients is not stored on the hospitals’ servers.
- Messages sent using SKY ECC’s apps is designed to time out. The timeout period can be set by you, the user. If time out period is not selected by the user, messages erase itself within a week. With no messages lying around, hackers will not be able to find older conversations and other data.
- SKY ECC’s protection methods ensure data such as contact lists and images are securely encrypted using our 521-bit encryption method, which no one other than authorized personnel would have access to.
Time to Switch to Secure Systems
It is not only the clinics that can take advantage of SKY ECC’s technology, but it is also the patients. When doctors, hospital staff, and patients can communicate with each other in total privacy, no hacker will be able to take anything worthwhile. Hacking of hospitals is an ongoing affair, as evidenced by thousands of patient’s records getting compromised each year. However, with relatively simple steps put in place at relatively low costs, it doesn’t need to be this way. When you consider the enormous amount of damage to your bottom line and not to mention the reputation of an institution or business, switching to systems, such as the ones offered by SKY ECC, is a no brainer. Therefore, give us a call and talk to one of our staff members who can explain precisely how SKY ECC’s devices can protect you from cyber-attacks.