Governance & Risk Management , Incident & Breach Response , Security Operations

Evolution of Healthcare Cybercrime

FireEye's Nettesheim on Lessons Learned from Investigations
Evolution of Healthcare Cybercrime

Cybercrimes targeting healthcare organizations are growing and evolving, and much can be learned from recent breach investigations, says James Nettesheim, a senior consultant at Mandiant, a FireEye company.

See Also: Are Security Tools Slowing Your Response?

One of the big shifts in the landscape is that healthcare entities are growing targets of advanced persistent threats, Nettesheim says. "[These threats] are targeting both the technology behind the healthcare industry and the personal information a lot of these healthcare companies have. And they're using that [data] to target the people the healthcare organizations are supporting."

Nettesheim cannot discuss specific cases, but he can discuss common trends. And one that he sees is an uptick in attacks on remote-access systems. such as VPNs - particularly if they rely solely on single-factor authentication.

"We're also seeing the more typical spear-phishing attacks," he says. "It's very difficult to defend against [these] attacks because the attackers are constantly changing their tactics."

Nettesheim discussed cybercrime trends at Information Security Media Group's recent Healthcare Information Security Summit in Boston.

In a video interview at the event, Nettesheim discusses:

  • Top crime trends he's tracking;
  • Insights from recent investigations;
  • How healthcare entities can improve detection and response.

Nettesheim has more than a decade of experience in the computer security industry, with particular areas of interest including incident response, digital forensics, mobile security, vulnerability assessments and security architecture design. He has provided computer forensic and incident response support to Fortune 100 organizations, financial institutions and government organizations. Prior to joining FireEye, Nettesheim was a forensic investigator within the United Nations Office of Internal Oversight Services. Previously, he served as a computer scientist at United States European Command headquarters, where he assisted in the investigation of computer intrusions/incidents and was the technical expert performing cyber-engagement with partner nations.

About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.