Initial suspicions from the massive hack at Anthem are just starting to roll in, and they are suspicious. Long story short, a few unnamed people immediately jumped to the conclusion that it was China. That said, Anthem is hardly the only healthcare company that's been hacked lately.
It's a bit of an pandemic, actually (pardon the pun). Last year, we saw a series of attacks on hospitals and healthcare companies. It's way too soon — and a little bit presumptuous — to say that the Anthem attack was state-sponsored hackers from China. However, past attacks show that Chinese hackers have been targeting the healthcare industry, in part, because it's so easy to hack. Bad security means that hackers can gain access to personal data and possibly trade secrets that could be used or sold on the black market.
Bloomberg's sources think that the Anthem breach was part of the same strategy. There's an espionage angle, too:
In the past year, Chinese-sponsored hackers have taken prescription drug and health records and other information that could be used to create profiles of possible spy targets, according to Adam Meyers, vice president of intelligence at Crowdstrike, an Irvine, California cybersecurity firm…
"This goes well beyond trying to access health-care records," Meyers said. "If you have a rich database of proclivities, health concerns and other personal information, it looks, from a Chinese intelligence perspective, as a way to augment human collection."
Well, that makes an otherwise complex information security issue sound like a Bond movie, doesn't it? This isn't a movie though. Anthem is the second-largest health insurer in the United States and some 80 million people could be affected by this. But maybe this is just the outbreak the healthcare industry needs in order to invest in better security. [Bloomberg]