Light Dark
December 18, 2015 By Nicole van Deursen 3 min read
Cloud Security
Healthcare

Earlier this year, the media warned the public that 2015 would be the year of the health care hack. The prediction has come true, as 2015 saw a record 100 million people affected by a health care data breach. In this article, we remind ourselves of the main factors that contribute to security risks in health care cloud computing and compare these to the actual reported data breaches in 2015.

Cloud Security Risk Factors

Traditional security threats are well-known, and most of them apply as much to cloud computing as they do to traditional information and communications technology (ICT) networks. However, cloud computing does also bring a few new or more specific risks.

Insiders

When it comes to security breaches, it is often stated that the malicious insider is one of the most important initiators. In a cloud setting, there is a second group of insiders to consider: the staff at the cloud provider, such as administrators with high-privilege roles or who deal with incident response and auditors.

All common cloud types (e.g., IaaS, PaaS or SaaS) are equally affected by third-party insider attacks as long as the insider can gain access to the data center or cloud management system.

Cloud Computing Itself

In the past, cybercriminals used multiple computers or a botnet to create enough computing power for an attack. This process was complicated and could take months to complete. Nowadays, however, malicious actors use the computing and storage power of cloud networks to prepare brute-force attacks in a few minutes.

The Profits

With the black-market price of a patient’s identifiers now higher than the price for credit card details, motives for initiating data breaches in health care cloud environments are mainly financial. Health data is not only used for identity theft, however. Companies make a business out of medical conditions and approach patients with targeted marketing of medications or treatments.

Popular Attack Types

IBM recently identified the most frequent types of attacks to health care data in the cloud. The top offenders included getting a victim to open a malicious document or to click on a link that leads to a malicious site, the Shellshock vulnerability, brute-force attacks and the use of outdated systems.

The Year of the Health Care Data Breach

In 2015, several large data breaches were reported by health care organizations. In fact, according to the Breach Level Index, the health care industry suffered more breaches in 2015 than any other sector. The breach portal of the U.S. Department of Health and Human Services showed that over 100 million people were affected by health care data breaches in 2015. Of the breaches affecting more than 1 million patient records, only one reported that health care cloud services were involved, although details were not revealed.

The other large-scale breaches reported no business partners involved and stated that the incidents took place within the organization itself. In fact, 46 percent of the 242 incidents were related to portable data, such as data on laptops, hand-held devices, paper or film. These are breaches that may have been avoided if the companies in question had used cloud services.

This seems like good news for cloud providers, but they can’t get too smug about this. When that one cloud data breach does happen, the impact will likely be enormous, and the consequences will be felt by millions of patients for a long time to come.

With few cloud breaches reported, it seems that providers are doing a good job with security. To continue this trend, they have to stay on top of it, especially as more and more data is moved to the cloud.

It is somewhat disappointing that the breached organizations do not provide more detail about what really caused the leaks. Academics, the public, health care providers and ICT providers need to learn about current threats and vulnerabilities to ensure that patient data in the cloud stays secure. Keeping the details of data breaches secret does not help to design better security.

Read the IBM Research report: Security trends in the healthcare industry

Conclusion

Many health care organizations use cloud services for the hosting of clinical applications and data, health information exchange and backups and data recovery. With these cloud services come specific security risks even though there haven’t been many reported health care cloud breaches. In the years to come, cloud security will be truly tested and we must be prepared.

Security intelligence tools offer predictive analytics, prioritized threat data and a proactive response to support that preparation. However, the full potential of security intelligence can only be reached when details about threats and breaches are publicly shared. Then researchers and the industry create intelligent systems that outsmart attackers that are after our personal data.

 |  |  |  |  |  | 
Nicole van Deursen
Information Security Researcher

More from Cloud Security
April 9, 2024

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

April 4, 2024

Cloud security uncertainty: Do you know where your data is?

3 min read - How well are security leaders sleeping at night? According to a recent Gigamon report, it appears that many cyber professionals are restless and worried.In the report, 50% of IT and security leaders surveyed lack confidence in knowing where their most sensitive data is stored and how it’s secured. Meanwhile, another 56% of respondents say undiscovered blind spots being exploited is the leading concern making them restless.The report reveals the ongoing need for improved cloud and hybrid cloud security. Solutions to…

March 14, 2024

Cloud security evolution: Years of progress and challenges

7 min read - Over a decade since its advent, cloud computing continues to enable organizational agility through scalability, efficiency and resilience. As clients shift from early experiments to strategic workloads, persistent security gaps demand urgent attention even as providers expand infrastructure safeguards.The prevalence of cloud-native services has grown exponentially over the past decade, with cloud providers consistently introducing a multitude of new services at an impressive pace. Now, the contemporary cloud environment is not only larger but also more diverse. Unfortunately, that size…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature