Report: Threat Landscape Growing Scarier for Healthcare
Health-ISAC Warns of Cybercrimes Involving Synthetic Accounts, ‘Product Abuse’
Marianne Kolbasuk McGee (HealthInfoSec) • March 23, 2023
Link to full article in Healthcare InfoSecurity:
Threats that traditionally menaced other industries – including synthetic accounts and abuse of IT product platforms – are among the top emerging worries for the healthcare sector, warns an industry report.
Synthetic accounts, which have been long used by cybercriminals to fraudulently obtain loans and credit lines, are now increasingly being used for committing healthcare fraud and other crimes, says the report, a collaboration between analysts at the Health Information Sharing and Analysis Center and consulting firm Booz Allen Hamilton.
“I saw plenty of this in the banking and finance sector, and it certainly happens in the healthcare sector with the creation of fake medical providers and fake businesses that bill insurers and the government for services never delivered,” Errol Weiss, Health-ISAC chief security officer, told Information Security Media Group.
“What’s new here is the abundance of stolen PII in criminal forums plus the commodity use of artificial intelligence tools that fuel the creation of massive numbers of synthetic IDs.”
The full report was released last month for H-ISAC members, but the organization released an executive summary for the public this week.
In terms of “product abuse” threats, healthcare organizations with internet-facing websites “are easy targets for actors that employ compromised user credentials, proxy networks, and customizable crimeware to carry out account takeovers, or unauthorized access” to systems such as health record systems, the report says.
Continue reading this article in Healthcare InfoSecurity:
Access the Executive Summary to the Threat Report here:
https://h-isac.org/2023-health-cybersecurity-annual-threat-report/
- Related Resources & News
- Healthcare Heartbeat 2024 Q4
- Health-ISAC Hacking Healthcare 2-19-2025
- Podcast: Reflecting on the Change Healthcare cyberattack
- Senate Confirms Trump Pick RFK Jr. to Lead HHS
- The Alarming Backdoor Hiding in 2 Chinese Patient Monitors
- Health-ISAC 2025 Health Sector Cyber Threat Landscape
- How Health Systems Manage Security in the Cloud
- Change Healthcare Attack a Wake-up Call for the Industry
- Five High-Impact Cyberattacks Healthcare Industry Should Avoid in 2025
- Health-ISAC Hacking Healthcare 2-11-2025