Special Agent in Charge of the FBI’s Las Vegas field office, Spencer Evans, highlights the rising cases of cybercriminals infiltrating computer systems used by doctors’ offices, hospitals, and other medical facilities.
The Federal Bureau of Investigation (FBI) alerts the public about a new cyber threat involving cybercriminals taking identity theft to unprecedented levels
Traditionally, identity theft involves compromising social security numbers for financial gain. However, this evolving threat targets victims on a deeply personal level. Evans emphasizes that cybercriminals now access personal health information, including compromising photos and sensitive health records, to extort individuals. These criminals threaten to release private data unless they are paid a ransom.
The alarming aspect is that cybercriminals not only target patients but also doctors and medical businesses. Evans reveals that these criminals are exploiting both individuals and organizations by gaining access to sensitive medical records and extorting money from them.
Moreover, cybercriminals are becoming more sophisticated by targeting specific high-net-worth individuals and prominent community members. Evans warns that the medical community is an attractive target due to the large volume of sensitive information that people are willing to pay to keep private.
While Southern Nevada has not experienced as many of these cybercrimes as other regions, Evans urges the local medical community to be proactive in safeguarding its stakeholders
He advises individuals to inquire about their doctor’s or medical provider’s security measures, particularly regarding staff training to prevent social engineering attacks.
Evans explains that cybercriminals often trick employees into unknowingly introducing malware or ransomware into the system. For example, they might pose as someone from an organization and request the receptionist to click on a malicious link, granting access to medical files.
In response to this emerging threat, the FBI urges medical facilities and individuals to be vigilant and take proactive measures to protect their sensitive information. By staying informed and implementing robust cybersecurity practices, individuals and medical businesses can thwart cybercriminals’ malicious attempts to exploit their data and hold them for ransom.