Phishing gave hackers access to 80 million health records
While phishing is an elementary cyber-attack, its results can be enormous if it works. The US Anthem health insurance attack in 2015 began when an employee in a subsidiary organisation opened a phishing email. Attackers then had remote access and moved across at least 50 accounts and over 90 systems, including Anthem’s enterprise data warehouse, where the bulk of more than 78 million records were stolen.
A report from the California Insurance Commissioner found that Anthem took “reasonable measures” to protect patient information prior to the breach, but the attacker targeted specific weaknesses within the system. On Feb. 18, 2014, an employee within an Anthem subsidiary opened a phishing email, allowing the attacker to gain remote access to the computer and then move laterally across accounts, including the insurer’s enterprise data warehouse, where the bulk of the information was stolen.
Investigators believe perpetrators of the 2015 Anthem hack that exposed personal records of more than 78 million people may have been acting on behalf of a foreign government, exploiting weaknesses in the insurer’s system that are commonplace within the industry.
Investigators determined the identity of the hacker with “high confidence.” They concluded with “medium confidence” that the attacker was working on behalf of a foreign government, but didn’t identify the offenders. Officials have previously linked the attack to Black Vine, a Chinese cyber-espionage group. Symantec, the cyber-security firm, says the group is “highly resourceful” and has been targeting several high-profile entities since 2012, and believes it is behind the Anthem attack.
Africa’s health care is not immune. While cyber-crime opportunities may be more attractive in other health systems, Africa still needs effective cyber-security.