It seems like we hear about a new cyber attack on a weekly basis, and chances are these attacks are being aimed at the healthcare industry. But why is the healthcare industry such a sought-after target? They hold a trifecta of information which translates to big $$$ on the dark web. Electronic Health Records (EHR) contain everything a hacker is searching for including Personal Health Information (PHI), Personal Identifiable Information (PII) and financial information. Hackers are not looking to steal one or two records, they’re looking to wipe out your entire database.

Understanding why and how hackers implement their crimes can give you a place to start when it comes to securing your organization’s data. Hackers generally come in three categories.

  1. Hobby: That’s right, I said hobby. While most of us might read or take up a sport, some hackers are in it for the thrill or to alleviate boredom.
  2. Ideology: This group tends to keep away from the majority of healthcare breaches, they are more political based and are out to make a point, not money.
  3. It’s a Job: This last group is in it for the money! While the greater part of us work a regular 9 to 5 job, this group’s job is to hack for financial gain.

Now you might be asking yourself, how they are able to pull this off? Unfortunately, hackers have found the bulk of healthcare organizations an easy target. A general lack of IT investment and training has left our healthcare industry at a severe disadvantage, allowing hackers to steal our most valuable information. The average hack might look something like this.

  1. Reconnaissance: The hacker will begin the process by researching public information about potential targets. When we don’t know the answer to something, we google it or ask Siri. Well, hackers are doing the same thing. Try Googling your organization, you might be surprised at what you can find.
  2. Identify Vulnerabilities: The hacker has found a target and now, using various methods ranging from technical tools and social engineering, they identify vulnerabilities to gain access.
  3. Access: The hackers now utilized the vulnerabilities to employ malware infecting an organization’s computers, networks or compromised credentials.
  4. Maintain Access: Once in, the hacker will normally maintain access to entry points to allow for continued access to your data.
  5. Backdoor Access Maintained: One of the worst parts on a hack, is the chance that the hacker is still there. Hackers will typically create backdoors within a network that allows continued access, all while removing all traces of their attack.

As a result, healthcare organizations are required to follow the strict guidelines set forth by HIPAA to help maintain security. Many organizations, not including healthcare, are now taking it one step further and implementing HITRUST standards and certification. The best strategy in any compliance and security process is to start with a Risk Assessment. For more information on Risk Assessments and best practices, download our latest white paper on Risk and Its Assessment.

Digital Forge provides risk assessments, compliance and cybersecurity solutions including HITRUST CSF® certification. To speak with our Advisory Services Division, call (877) 369-1831 or email us at

You Might Find These Articles Interesting:

The Evolution of Risk Management 

Cyber vs. Physical Security: Video 

Cyber Risk in Life Sciences