A New Angle on Cyber-attacks: Medical Conditions Become Targets

By on

When reading the news over the past few days, the following article posted by the Washington Post triggered something in me: ‘Seizure-inducing tweet leads to a new kind of prosecution’. In short, the case is about a journalist named Kurt Eichenwald, who suffers from epilepsy and received a Tweet late last year containing a flashing image. The journalist claimed to have suffered from a seizure due to the tweet. The actor’s motive for sending the Tweet containing the animated strobe image was revenge for a critical piece the journalist wrote on President Trump. He probably never thought of the possibility of being convicted for “aggressive assault with a deadly weapon”.

Figure 1Picture of image sent to victim [source justice.gov]
Normally, someone’s medical condition is not publicly available unless you openly discuss it on social media. But, I have to wonder, was this a one-of-a-kind situation or is this something we need to start becoming more aware of?

Last year, we reported several occasions of ransomware attacks targeting the healthcare sector, a sector that was formerly a no-go for most cybercriminals. Besides ransomware, 2016 was also the year where databases with patient-records and PII were being offered on the underground markets (see our report)

What if someone buys a database from a hospital, selects all epileptic patients, combines it with other leaked data around social accounts, and sends an ‘extortion note’ to the hospital? I bet that gave you the same chills as it did me.

Past research by Barnaby Jack has demonstrated vulnerabilities in insulin pumps, and he was looking into pacemakers right before he passed away. What if vulnerabilities in these devices are matched up with leaked patient records?

I have no intention to scare you, but do want to create awareness around the possible scenarios that could develop if we are not paying attention. We need to work better together, discuss the risks, and unite to help. That way, we can truly protect and defend the vulnerable people in our society.

Categories: Business
Tags: ,

Leave a Comment

Similar articles

Once, not long ago, data was nestled in paper files or stored on isolated computer networks, housed in glassed-off, air-conditioned rooms. Now, data is digital, moves effortlessly, and gets accessed from devices and places around the world at breakneck speeds. This makes it possible for businesses, organizations, and even individuals to collect and analyze this ...
Read Blog
As of last year, 2.2 billion1 people consider themselves gamers across the globe. Of that 2.2 billion, over 50% – 1.22 billion2 – play their game of choice on a PC. The sheer number of PC gamers throughout the world, however, has sparked the interest of cybercriminals and cyberthreats targeting gamers have spiked. Threats including malware, ...
Read Blog