FBI: Malicious Actors Targeting Protected Healthcare Information
The FBI Liaison Alert System released a flash almost two weeks ago describing an investigation at the agency that uncovered "malicious actors targeting healthcare related systems, perhaps for the purpose of obtaining Protected Healthcare Information (PHI) and/or Personally Identifiable Information (PII)," PublicIntelligence.Net posted.
According to the FBI, "These actors have also been seen targeting multiple companies in the healthcare and medical device industry typically targeting valuable intellectual property, such as medical device and equipment development data." :
The FBI has received the following information pertaining to a recent intrusion into a health care system that resulted in data exfiltration. Though the initial intrusion vector is unknown, we believe that a spear phish email message was used to deliver the initial malware. Typically, these actors use Information Technology themed spear-phishing messages which contain a malicious link that may connect to a new VPN site/service/client or a new Webmail site/software. Once access is obtained, the actors may collect and use legitimate account credentials to connect to the targeted system, usually through VPN.
The Washington Post recently reported that healthcare data breaches reached up to 30 million individuals and the numbers are still growing. The theft includes 4.5 million medical records stolen by Chinese hackers this year. When the Associated Press asked the Obama administration about the security system being used for healthcare.gov and Medicare, the administration denied access to any information or documents stating "doing so could 'potentially' allow hackers to break into" the systems.