Techvia Alliance - Hackers attack Indian healthcare website, steal 68 lakh records

US-based cyber security firm FireEye reports that cyber criminals, mostly based in China, are directly selling data stolen from healthcare organizations and web portals globally, including in India, in underground markets. The firm reported on Thursday that hackers broke into a leading India-based healthcare website, stealing 68 lakh records containing patient and doctor information. In February, 6,800,000 records were stolen by a bad actor that goes by the name "fallensky519." The stolen data contains patient information and personally identifiable information (PII), doctor information and PII, and credentials. From October 1, 2018, to March 31, 2019, FireEye Threat Intelligence observed multiple healthcare-associated databases for sale on underground forums, many for under $2,000.

FireEye is witnessing a focus on acquiring healthcare research by multiple Chinese advanced persistent threat (APT) groups. The area of unique interest is likely to be cancer-related research, reflecting China's concern over increasing cancer and mortality rates and the accompanying national health care costs. The reports indicate that cancer mortality rates have increased dramatically in recent decades, making cancer China's leading cause of death. Another probable motivation for APT activity is financial, as the PRC (People's Republic of China) has one of the world's fastest growing pharmaceutical markets, creating lucrative opportunities for domestic firms. Medical research and data from targeted studies may enable Chinese corporations to bring new drugs to market faster than Western competitors.

Earlier, in April of this year, suspected Chinese cyber espionage actors targeted a US-based health center with a strong focus on cancer research, using "EVILNUGGET" malware. APT22, a Chinese group that has focused on biomedical, pharmaceutical, and healthcare organizations in the past and continues to be active, targeted this same organization in prior years.

FireEye has observed that a theme among Chinese cyber espionage actors is the theft of large sets of personally identifiable information (PII) and Protected Health Information (PHI). The potential increase in the usage of biomedical devices could make them an attractive target for disruptive or destructive cyber attacks.