IntSights Cyber Intelligence Finds an Estimated 30% of Healthcare Databases Are Exposed Online
December 5, 2018
IntSights Cyber Intelligence, the leading provider of surface, deep and dark web cyber threat intelligence and digital risk protection solutions, announced today the release of the company's latest research report, Chronic [Cyber] Pain: Exposed & Misconfigured Databases in the Healthcare industry. The report explores a key area of the healthcare attack surface, which is often the easiest to avoid - exposed databases.
Using simple search techniques and a basic understanding of healthcare technology solutions, IntSights researchers found that an estimated 30% of healthcare databases are openly exposed online. It's not only old or outdated databases that get breached, but also newly established platforms that are vulnerable due to misconfiguration and/or open access.
"Stepping into the shoes of an everyday hacker, our threat research team used a combination of openly available tools, knowledge of default port configurations and educated guessing to identify exposed healthcare databases and, ultimately, uncover over 1.5 million healthcare records without using any intrusive methods," said Ariel Ainhoren, Threat Researcher, IntSights. "The rate at which we could discover openly accessible PII and medical data is alarming, and should serve as a wakeup call to the healthcare industry that some of their most basic processes are riddled with vulnerability, often due to simple error, oversight and/or misconfiguration."
The research report also provides specific examples of exposed databases using a variety of search methods, and provides recommendations for how healthcare organizations can more effectively secure their data.
The full research report is available for download here: https://intsights.com/resources/chronic-cyber-pain-exposed-misconfigured-databases-in-the-healthcare-industry.
IntSights is redefining cyber security with the industry's first and only enterprise threat management platform that transforms tailored threat intelligence into automated security operations. Our groundbreaking data-mining algorithms and unique cyber reconnaissance capabilities continuously monitor an enterprise's external digital profile across the surface, deep and dark web, categorize and analyze tens of thousands of threats, and automate the risk remediation lifecycle -- streamlining workflows, maximizing resources and securing business operations. This has made IntSights' one of the fastest growing cybersecurity companies in the world. IntSights' has offices in Amsterdam, Boston, Singapore, Tokyo, New York, Dallas and Tel Aviv. To learn more, visit: https://www.intsights.com.