Light Dark
December 18, 2015 By Nicole van Deursen 3 min read
Cloud Security
Healthcare

Earlier this year, the media warned the public that 2015 would be the year of the health care hack. The prediction has come true, as 2015 saw a record 100 million people affected by a health care data breach. In this article, we remind ourselves of the main factors that contribute to security risks in health care cloud computing and compare these to the actual reported data breaches in 2015.

Cloud Security Risk Factors

Traditional security threats are well-known, and most of them apply as much to cloud computing as they do to traditional information and communications technology (ICT) networks. However, cloud computing does also bring a few new or more specific risks.

Insiders

When it comes to security breaches, it is often stated that the malicious insider is one of the most important initiators. In a cloud setting, there is a second group of insiders to consider: the staff at the cloud provider, such as administrators with high-privilege roles or who deal with incident response and auditors.

All common cloud types (e.g., IaaS, PaaS or SaaS) are equally affected by third-party insider attacks as long as the insider can gain access to the data center or cloud management system.

Cloud Computing Itself

In the past, cybercriminals used multiple computers or a botnet to create enough computing power for an attack. This process was complicated and could take months to complete. Nowadays, however, malicious actors use the computing and storage power of cloud networks to prepare brute-force attacks in a few minutes.

The Profits

With the black-market price of a patient’s identifiers now higher than the price for credit card details, motives for initiating data breaches in health care cloud environments are mainly financial. Health data is not only used for identity theft, however. Companies make a business out of medical conditions and approach patients with targeted marketing of medications or treatments.

Popular Attack Types

IBM recently identified the most frequent types of attacks to health care data in the cloud. The top offenders included getting a victim to open a malicious document or to click on a link that leads to a malicious site, the Shellshock vulnerability, brute-force attacks and the use of outdated systems.

The Year of the Health Care Data Breach

In 2015, several large data breaches were reported by health care organizations. In fact, according to the Breach Level Index, the health care industry suffered more breaches in 2015 than any other sector. The breach portal of the U.S. Department of Health and Human Services showed that over 100 million people were affected by health care data breaches in 2015. Of the breaches affecting more than 1 million patient records, only one reported that health care cloud services were involved, although details were not revealed.

The other large-scale breaches reported no business partners involved and stated that the incidents took place within the organization itself. In fact, 46 percent of the 242 incidents were related to portable data, such as data on laptops, hand-held devices, paper or film. These are breaches that may have been avoided if the companies in question had used cloud services.

This seems like good news for cloud providers, but they can’t get too smug about this. When that one cloud data breach does happen, the impact will likely be enormous, and the consequences will be felt by millions of patients for a long time to come.

With few cloud breaches reported, it seems that providers are doing a good job with security. To continue this trend, they have to stay on top of it, especially as more and more data is moved to the cloud.

It is somewhat disappointing that the breached organizations do not provide more detail about what really caused the leaks. Academics, the public, health care providers and ICT providers need to learn about current threats and vulnerabilities to ensure that patient data in the cloud stays secure. Keeping the details of data breaches secret does not help to design better security.

Read the IBM Research report: Security trends in the healthcare industry

Conclusion

Many health care organizations use cloud services for the hosting of clinical applications and data, health information exchange and backups and data recovery. With these cloud services come specific security risks even though there haven’t been many reported health care cloud breaches. In the years to come, cloud security will be truly tested and we must be prepared.

Security intelligence tools offer predictive analytics, prioritized threat data and a proactive response to support that preparation. However, the full potential of security intelligence can only be reached when details about threats and breaches are publicly shared. Then researchers and the industry create intelligent systems that outsmart attackers that are after our personal data.

 |  |  |  |  |  | 
Nicole van Deursen
Information Security Researcher

More from Cloud Security
January 22, 2025

2024 Cloud Threat Landscape Report: How does cloud security fail?

4 min read - Organizations often set up security rules to help reduce cybersecurity vulnerabilities and risks. The 2024 Cost of a Data Breach Report discovered that 40% of all data breaches involved data distributed across multiple environments, meaning that these best-laid plans often fail in the cloud environment.Not surprisingly, many organizations find keeping a robust security posture in the cloud to be exceptionally challenging, especially with the need to enforce security policies consistently across dynamic and expansive cloud infrastructures. The recently released X-Force…

January 8, 2025

Cloud threat report: Why have SaaS platforms on dark web marketplaces decreased?

3 min read - IBM’s X-Force team recently released the latest edition of the Cloud Threat Landscape Report for 2024, providing a comprehensive outlook on the rise of cloud infrastructure adoption and its associated risks.One of the key takeaways of this year’s report was focused on the gradual decrease in Software-as-a-Service (SaaS) platforms being mentioned across dark web marketplaces. While this trend potentially points to more cloud platforms increasing their defensive posture and limiting the number of exploits or compromised credentials that are surfacing,…

December 18, 2024

Cloud Threat Landscape Report: AI-generated attacks low for the cloud

2 min read - For the last couple of years, a lot of attention has been placed on the evolutionary state of artificial intelligence (AI) technology and its impact on cybersecurity. In many industries, the risks associated with AI-generated attacks are still present and concerning, especially with the global average of data breach costs increasing by 10% from last year.However, according to the most recent Cloud Threat Landscape Report released by IBM’s X-Force team, the near-term threat of an AI-generated attack targeting cloud computing…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature