- Security TWENTY
- Women in Security
The healthcare vertical faces a range of threat actors and malicious cyber activity, says a report.
Given the critical role that it plays within society and its relationship with our most sensitive information, the risk to this sector is especially consequential, according to the FireEye report, Beyond Compliance: Cyber Threats and Healthcare. In some cases, criminals seek to monetise personally identifiable information (PII) and protected health information (PHI); nation states carry out intrusions to steal valuable research and mass records for intelligence gathering purposes; and disruptive threats like ransomware have the potential to wreak havoc among hospital networks and impact the most critical biomedical devices and systems. To move beyond compliance with current regulations and address the ever-changing threat landscape, organisations in this sector should use threat intelligence.
Increasingly inter-connected systems between doctors’ offices, hospitals, insurance companies and suppliers mean that healthcare is being targeted by multiple types of attackers: nuisance attackers (such as the creators of commodity malware), advanced persistent threat (APT) attackers, and cyber criminals. Buying and selling PII and PHI from healthcare institutions and providers in underground marketplaces is very common, and will almost certainly remain so due to this data’s utility in a variety of malicious activity; identity theft and financial fraud, and crafting of bespoke phishing lures.
The report notes that on the research and development side, whether for treatments, medical devices, biotechnology, or other subsets of the industry, there’s valuable intellectual property (IP) that is a driver for economic espionage. Notably, China’s strategic “Made in China 2025” plan includes a push for domestic development of medical technologies and devices, which may drive threat activity against IP holders.
The cyber firm recently opened a UK office at Angel Court in the City of London. That will hold FireEye UK staff, most from the Sales, Marketing, Systems Engineer, Consulting and HR. It will also house a regional Executive Briefing Centre (EBC).
Kevin Taylor, Senior Vice President, EMEA, at FireEye, said: “Not only will the move help attract the UK’s best talent to come and work for FireEye, but it reinforces our ongoing commitment to providing the best cyber defences. By locating the new office to Bank in London, we can better serve our large European and global customers based out of the UK, as well as our partners and prospects.”