Healthcare vs. Hackers: Nobody has Died (Yet)

The Silent Mafia: Why Cybercrime Doesn't Need a "Pearl Harbor"

A few years back, I had a lunch meeting with two IT Security veterans. One remarked, “There’s been no Pearl Harbor or 9/11 in cybersecurity. Nobody has ever died because of hacking.” The sentiment was that without a "rallying cry" or a massive tragedy, there wouldn't be a massive response.

But comparing cybercrime to those historical events might be the wrong approach. Cybercrime isn't an act of war; it's more akin to the Mafia.

Profit Over Politics

The deaths caused by mafia activities didn’t have the same goals as a terrorist attack. The mafia simply removed those who stood in their way or inconvenienced their business.

Cybercriminals, like mafia bosses, seek only one thing: Money.

• A successful CEO email phishing scam can net $1.8 billion in profit.
• The black-market profit for stealing just one medical record is tremendous.

Unlike terrorists who use the media to feed on fear, true cybercriminals (hacktivists aside) don’t want anyone noticing their activity. Explosive media coverage hinders their goal. They prefer an unsuspecting public and a path of least resistance.

Healthcare: The Path of Least Resistance

Unfortunately, the healthcare industry fits the "path of least resistance" profile perfectly. Medical systems are often some of the least secured, yet they are among the most profitable targets for hackers.

The data they hold is extremely sensitive, and the computer systems are often critical for advanced scans and life-saving procedures. When these systems are brought down, it’s not just a data breach—it’s a halt of care. The hackers, however, don’t care about the humanitarian side; they only see the leverage they have to demand a ransom.

The Real-World Consequences

The WannaCry ransomware attack of 2017 was a wake-up call, hitting a large number of hospitals in the U.K. and medical facilities worldwide. It represented a new era of ransomware, but cyberattacks themselves are no stranger to the medical system.

Whether it is a small private practice or a large hospital providing critical support, an attack on computer systems can result in a devastating halt of care. Will there be deaths directly related to cybercrime in the future? We hope not. But with the vast profits available in hacking, criminals aren’t going to worry about innocent people getting hurt when a hospital system goes dark.

Secure Your Enterprise

At NetWorks Group, we help organizations detect and respond to advanced cybersecurity threats through a powerful combination of our proprietary threat detection platform, deep expertise, and advanced security tools.

Contact us today to learn more about how we can help you secure your enterprise and protect your critical assets from organized cybercrime.