Like so many other people, I woke up yesterday morning to find myself reading another breach notification (see: here), only to find news about the Anthem hack.
This time, it was a letter from Anthem, notifying me that my health information may have been compromised. Also, in reading the letter, I saw that Mandiant and the FBI had been retained for the purpose of investigating the breach.
I usually come to the same conclusion every time I hear certain things together. When I hear about a breach affecting a HIPAA agency, I usually start thinking about a phishing/spear-phishing campaign that occurred, which usually results in someone giving up the details of their account/VPN, followed by the immediate breach and scouring of their website for information and data.
The other thing I always think of when Mandiant comes rushing to the scene is the immediate blame on a state-run actor. Of course, China, whose population is 1.35B, is going to find the SSN of impacted customers useful; oh wait, what value is there in the SSN of people of a foreign land? Or better yet, with the joke I make about the hack of CHS. Again, the problem I see is: what is the value of a SSN to a foreign country? Some claims went on to say they were after formularies associated with drugs and medicine, which several news agencies ran with. But consider this: hospitals don’t have the same sort of pharmaceutical horse-power that huge drug manufacturers have; I would go so far as to say that they aren’t even comparable.
So once again, I will ask, what value does a SSN have to a nation-state?
UPDATE: First posts about this being a state-sponsored attack are now emerging.
So, the US Government is now concerned about flaws with medical devices. I feel that if they were really concerned, the FDA would implement policies requiring that devices are built securely.
From my experience in the medical world, I can tell you that medical devices are currently far, very far, from being secure. In fact, I have specific security experience with the Hospira infusion pumps being insecure.
The U.S. Department of Homeland Security is investigating about two dozen cases of suspected cyber security flaws in medical devices and hospital equipment that officials fear could be exploited by hackers, a senior official at the agency told Reuters.
The products under review by the agency’s Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, include an infusion pump from Hospira and implantable heart devices from Medtronic and St. Jude Medical, according to other people familiar with the cases, who asked not to be identified because the probes are confidential.