07 Aug Russian hackers hit DoD: PHI at risk?
We saw with the Sony hack that when attackers find health data they’re likely to steal it
The Pentagon confirmed late Thursday that Russian hackers penetrated the Defense Department’s IT networks and gained access to Joint Chiefs of Staff email servers.
As has become the norm for government and private sector institutions immediately following an attack, the DoD labeled this incident “a sophisticated cyber intrusion” that was “clearly the work of a state actor” employing “new and unseen approaches.” The agency reacted by shutting down email, and the system has been offline for about two weeks.
Multiple news outlets are reporting DoD claims that the hackers did not crack into any classified networks but did manage to steal approximately 4,000 records.
Was any protected health information, personally identifiable information or other health data in there? Too soon to tell.
It might seem a stretch to think that Russian attackers, whether a government team sanctioned by President Vladimir Putin or, as some reports suggest, the hacking group APT29, would infiltrate the DoD in search of health data rather than military secrets, but that’s not to say they couldn’t have stumbled onto PHI or PII.
A quick look back at the Sony hack, in fact, demonstrates that this is a real possibility. That incident was also originally branded as sophisticated and undertaken by a nation-state, in Sony’s case, Korea. It’s reasonable to believe the attackers did not set out in search of health data. The attack was ostensibly tied to the Christmas release of The Interview, a controversial film depicting Korea’s supreme leader Kim Jong-un in an unflattering light.