By Nancy Ferris
January 17, 2008
Foreign hackers, primarily from Russia and China, are increasingly
seeking to steal Americans health care records, according to a
Department of Homeland Security analyst.
Mark Walker, who works in DHS Critical Infrastructure Protection
Division, told a workshop audience at the National Institute of
Standards and Technology that the hackers primary motive seems to be
Theyve been focused on the [Department of Defense] the military but now
are spreading out into the health care private sector, Walker said.
Early in 2007, a virus was placed on a Centers for Disease Control and
Prevention Web site, he said, and in April a Military Health System
server holding Tricare records was hacked.
Walker said the hackers are seeking to exfiltrate health care data. We
dont know why, he added. We want to know why. At the same time, he said,
its clear that medical information can be used against us from a
national security standpoint.
Any health problems among the nations leaders would be of interest to
potential enemies, he said.
DHS is increasing its analysis staff to monitor threats in several
industries, including health care, and will be issuing more alerts about
cyberthreats to health care data, he said.
Walker urged the audience to report data breaches to the authorities.
Only the Veterans Affairs Department consistently reports health data
breaches, he said. As a result, he added, our understanding of the
cyberthreat to health and human services is vague at this point.
DHS wants to build a database of health information system intrusions so
it can better analyze the threats and develop countermeasures, Walker
He said poor security practices among those who use health information
systems and disgruntled employees are as much of a threat as cyber
Subscribe to InfoSec News