ThreatMetrix® has announced strategies for cybercrime prevention in the healthcare industry following the high profile data breaches of Anthem and Premera in recent months. According to ThreatMetrix, the Anthem and Premera breaches could have been prevented through the use of real-time digital identity intelligence.
Stolen health credentials can sell for $10 each on the black market—about 10 or 20 times the value of a U.S. credit card number. The Anthem hack exposed the health records of more than 80 million personal identities, and the numbers for the more recent Premera breach rose above 11 million. With more than 90 million healthcare records exposed in the first few months of 2015, it’s clear that the healthcare industry is a growing target for cybercriminals. However, healthcare providers are still using antiquated authentication and fraud prevention solutions.
“The most valuable data stores for fraudsters are stolen patient records that are associated with a valid health insurance policy,” said Reed Taussig, president and CEO at ThreatMetrix. “While most enterprises continue to focus on securing their internal networks, what is really required is broad adoption and use of secure, anonymized global shared intelligence that will identify what for and where those 90 million stolen identities are being used.”
Increased attacks on healthcare and other insurance organizations are likely due to the high value of stolen health information. To help prevent these massive healthcare breaches and their far-reaching implications, ThreatMetrix offers the following preventative strategies:
- Implement unified fraud prevention that leverages a digital identity network to detect and prevent mobile and online fraud while remaining agile and responsive for customers, agents, brokers and others.
- Implement advanced device and malware detection capabilities to ensure insurance providers’ systems are not breached due to stolen or third-party credentials.
- Leverage anonymized shared intelligence on personas (digital identities) to connect users with their online activity and device-related behavior patterns beyond the confines of a company’s network.
“When Anthem and Premera sneezed, the cybersecurity industry caught a cold,” said Alisdair Faulkner, chief products officer at ThreatMetrix. “Most organizations are focusing purely within their own networks, but the board room needs to be aware that these massive data breaches are just a precursor to the main event – a systemic and continuous attack on their customer and employee authentication, fraud and identity systems. To do a credible job defending against stolen identities, organizations need better risk intelligence based on anonymized shared intelligence to differentiate between trusted users and cyber threats.”
The data that was stolen in the Anthem breach was encrypted, but it’s clear that encryption alone isn’t enough to protect employees’ and customers’ personal information. Hackers began infiltrating Anthem’s systems 10 months prior to the announcement of the attack and Anthem needed real-time intelligence to stop these hackers in their tracks.
In December 2014, ThreatMetrix predicted 2015 would see increased healthcare breaches, because with more money flowing into the healthcare industry – U.S. healthcare spending hit $3.8 trillion in 2014 – fraudsters will follow to cash in on the market. In addition, as healthcare information makes the shift electronically via the Health Insurance Portability and Accountability Act (HIPAA), fraudsters will find new ways to commit healthcare fraud and steal personal information.
To avoid further breaches in the healthcare and insurance industries, it is crucial that corporations and businesses take steps toward preventing future attacks. The ThreatMetrix® Global Trust Intelligence Network delivers real-time intelligence, providing businesses with consistent risk assessments of data and creating unique digital identities for users by mapping their online behaviors and devices to protect customers from fraudulent transactions.
Latest from Cyber Policy Magazine
- Aon and Guidewire Launch Cyber Scenario for a U.S. Dam Attack
- Generali Launches Its Fully-Dedicated Cyber Insurance Function And The CyberSecurTech Start-Up
- Silent Cyber Added To Willis Re’s Cyber Portfolio Management Tool PRISM-ReTM
- Companies Will Make Major Enterprise Wide Changes To Address Cyber Risk In 2018
- DAS Spain Launches DAS Cyberbullying Insurance