30% of Healthcare Files Misconfigured and Accessible Online

Dec 14, 2018


A latest report by the enterprise threat management platform supplier Intsights has exposed that a frightening amount of healthcare data is freely available online as a consequence of disclosed and misconfigured files.

Although a great deal of attention is being concentrated on the danger of cyberattacks on medical appliances and ransomware attacks, one of the main reasons why hackers target healthcare companies is to steal patient data. Healthcare data is very valuable because it can be used for a variety of wicked purposes for example identity theft, tax fraud, and medical identity theft. Healthcare data also has a long lifetime – far longer than credit card information.

The failure to sufficiently safeguard healthcare data is making it far too simple for hackers to be successful.

Healthcare Companies Have Enhanced the Attack Surface

The cloud offers healthcare companies the chance to cut back on the expenses of costly in-house data centers. Although cloud facility suppliers have all the required protections in place to keep confidential data safe, those protections must be activated and configured properly.

Healthcare companies that have moved data to the cloud have enhanced the attack surface, yet a considerable part has not effectively managed the risks and has left healthcare data exposed.

The issue is not the use of the cloud, but “a lack of procedure, teaching, and cybersecurity best practices,” as per Intsights. The issue is also not restricted to the healthcare business since other industry sectors confront the same problems, but healthcare companies confront greater risks as hackers are looking for healthcare data.

The Intsights report focuses on exposed healthcare files which are progressively being targeted by hackers because of the large quantities of valuable data that can be gotten and the simplicity of gaining access to those files. Numerous are left completely undefended. All hackers need to know is where to look.

16,667 Disclosed Medical Files Recognized Each Hour

For the report, the scientists looked at two generally used technologies for dealing with medical files and well-known commercially available databases.

The scientists desired to show just how easy it is to find healthcare data. They used no hacking methods to find the disclosed data, only Google and Shodan searches, technical documents, subdomain record, and educated deductions concerning the amalgamation of sites, systems and data.

After 90 hours of investigation and estimations of 50 databases, 15 disclosed databases were found. Those databases had 1.5 million health files. That’s a rate of 16,667 medical files each hour. Even with a traditional approximation of a price of $1 per medical file on the black market, that would mean a full-time hacker might make $33 million each year. Intsights approximated 30% of healthcare files are disclosed online.

“Even though our findings were not statistically important, our [database revelation] rate of 30% is properly consistent with what we’re seeing across all trades for disclosed assets,” clarified Intsights in the report.

The scientists found healthcare data at rest and in motion. The scientists recognized open Elasticsearch databases, which can be found using the search engine Shodan. One of those databases had the files of 1.3 million patients. The files came from a big healthcare clinic in a main European capital city.

Naturally, given the number of cases of misconfigured MongoDB databases that have been found this year, the scientists found a misconfigured MongoDB database utilized by a Canadian healthcare supplier.

In addition to files, the scientists noticed one healthcare supplier was using vulnerable SMB facilities in spite of the recent WannaCry attacks and one U.S hospital was using an unprotected FTP server. “FTPs commonly have files and backup data and are kept open to allow backup to a distant site. It might be a neglected backup process left open by IT that the hospital doesn’t even know exists,” wrote Intsights.

“Healthcare budgets are tight, and if there is a chance to buy a new MRI machine as against making a new IT or cybersecurity rental, the new MRI machine often wins out. Healthcare companies need to cautiously evaluate accessibility and safety,” clarified Intsights expert, Ariel Ainhoren.