Cybercriminals shop for admin access to healthcare portals


When people think about hackers and their targets, most assume cybercriminals are after bank account numbers or financial institutions. But a new study from cybersecurity firm IntSights shows hackers are now honing in on healthcare institutions for lucrative information to steal. IntSight's new research report "Chronic [Cyber] Pain: Exposed & Misconfigured Databases in the Healthcare Industry" looks at what methods cybercriminals are using and what healthcare organizations can do to protect themselves. "If you would have told me 15 years ago, 'Hey let's go target the database manager for this insurance company,' I wouldn't even know where to begin," said IntSight chief security officer Etay Maor. "But today, I go online, and there's websites and free software which will map it out and give you an organizational chart from CEO to secretary, all based on Linkedin information and other things. Working out spearfishing attacks then becomes easy at that point," Maor continued.