Earlier this year, the media warned the public that 2015 would be the year of the health care hack. The prediction has come true, as 2015 saw a record 100 million people affected by a health care data breach. In this article, we remind ourselves of the main factors that contribute to security risks in health care cloud computing and compare these to the actual reported data breaches in 2015.

Cloud Security Risk Factors

Traditional security threats are well-known, and most of them apply as much to cloud computing as they do to traditional information and communications technology (ICT) networks. However, cloud computing does also bring a few new or more specific risks.


When it comes to security breaches, it is often stated that the malicious insider is one of the most important initiators. In a cloud setting, there is a second group of insiders to consider: the staff at the cloud provider, such as administrators with high-privilege roles or who deal with incident response and auditors.

All common cloud types (e.g., IaaS, PaaS or SaaS) are equally affected by third-party insider attacks as long as the insider can gain access to the data center or cloud management system.

Cloud Computing Itself

In the past, cybercriminals used multiple computers or a botnet to create enough computing power for an attack. This process was complicated and could take months to complete. Nowadays, however, malicious actors use the computing and storage power of cloud networks to prepare brute-force attacks in a few minutes.

The Profits

With the black-market price of a patient’s identifiers now higher than the price for credit card details, motives for initiating data breaches in health care cloud environments are mainly financial. Health data is not only used for identity theft, however. Companies make a business out of medical conditions and approach patients with targeted marketing of medications or treatments.

Popular Attack Types

IBM recently identified the most frequent types of attacks to health care data in the cloud. The top offenders included getting a victim to open a malicious document or to click on a link that leads to a malicious site, the Shellshock vulnerability, brute-force attacks and the use of outdated systems.

The Year of the Health Care Data Breach

In 2015, several large data breaches were reported by health care organizations. In fact, according to the Breach Level Index, the health care industry suffered more breaches in 2015 than any other sector. The breach portal of the U.S. Department of Health and Human Services showed that over 100 million people were affected by health care data breaches in 2015. Of the breaches affecting more than 1 million patient records, only one reported that health care cloud services were involved, although details were not revealed.

The other large-scale breaches reported no business partners involved and stated that the incidents took place within the organization itself. In fact, 46 percent of the 242 incidents were related to portable data, such as data on laptops, hand-held devices, paper or film. These are breaches that may have been avoided if the companies in question had used cloud services.

This seems like good news for cloud providers, but they can’t get too smug about this. When that one cloud data breach does happen, the impact will likely be enormous, and the consequences will be felt by millions of patients for a long time to come.

With few cloud breaches reported, it seems that providers are doing a good job with security. To continue this trend, they have to stay on top of it, especially as more and more data is moved to the cloud.

It is somewhat disappointing that the breached organizations do not provide more detail about what really caused the leaks. Academics, the public, health care providers and ICT providers need to learn about current threats and vulnerabilities to ensure that patient data in the cloud stays secure. Keeping the details of data breaches secret does not help to design better security.

Read the IBM Research report: Security trends in the healthcare industry


Many health care organizations use cloud services for the hosting of clinical applications and data, health information exchange and backups and data recovery. With these cloud services come specific security risks even though there haven’t been many reported health care cloud breaches. In the years to come, cloud security will be truly tested and we must be prepared.

Security intelligence tools offer predictive analytics, prioritized threat data and a proactive response to support that preparation. However, the full potential of security intelligence can only be reached when details about threats and breaches are publicly shared. Then researchers and the industry create intelligent systems that outsmart attackers that are after our personal data.

More from Cloud Security

The Importance of Modern-Day Data Security Platforms

Data is the backbone of businesses and companies everywhere. Data can range from intellectual property to critical business plans to personal health information or even money itself. At the end of the day, businesses are looking to grow revenue, innovate, and operationalize but to do that, they must ensure that they leverage their data first because of how important and valuable it is to their organization. No matter the industry, the need to protect sensitive and personal data should be…

Cybersecurity in the Next-Generation Space Age, Pt. 4: New Space Future Development and Challenges

View Part 1, Introduction to New Space, Part 2, Cybersecurity Threats in New Space, and Part 3, Securing the New Space, in this series. After the previous three parts of this series, we ascertain that the technological evolution of New Space ventures expanded the threats that targeted the space system components. These threats could be countered by various cybersecurity measures. However, the New Space has brought about a significant shift in the industry. This wave of innovation is reshaping the future…

Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023

Deployment of backdoors was the number one action on objective taken by threat actors last year, according to the 2023 IBM Security X-Force Threat Intelligence Index — a comprehensive analysis of our research data collected throughout the year. Backdoor access is now among the hottest commodities on the dark web and can sell for thousands of dollars, compared to credit card data — which can go for as low as $10. On the dark web — a veritable eBay for…

How Posture Management Prevents Catastrophic Cloud Breaches

We've all heard about catastrophic cloud breaches. But for every cyberattack reported in the news, many more may never reach the public eye. Perhaps worst of all, a large number of the offending vulnerabilities might have been avoided entirely through proper cloud configuration. Many big cloud security catastrophes often result from what appear to be tiny lapses. For example, the famous 2019 Capital One breach was traced to a misconfigured application firewall. Could a proper configuration have prevented that breach?…