Prospect Medical Holdings, a chain that owns hospitals, as well as more than 165 outpatient facilities, said ransomware hackers had breached its system.
Prospect Medical Holdings, a chain that owns hospitals, as well as more than 165 outpatient facilities, said ransomware hackers had breached its system.
What the hell? That’s terrible news. I don’t understand why they’d target a hospital system at all. Seems cruel.
Because it’s valuable.
Have to think, these people don’t have moral codes like you or I, so trying to find the logic in morality isn’t going to get you anywhere.
Now that we’re past the obstacle of morality, we can get to the meat of it:
Hospitals have valuable data and a lot of essential systems. The users of those systems would pay a lot to keep it functional and accessible.
They have massive attack surface. There’s so many vulnerable points in a hospital that one could imagine, with a few insights, a few attack vectors just walking around one and being observant.
The staff often aren’t educated in proper practices, the dos and don’ts of infosec, and are also often overworked and very tired. This leaves them vulnerable to phishing attacks, tailgating, you name it. Trained about tailgating? A lot of them use RFID cards to access specific areas, and cloning those is trivial.
TL;DR hospitals are valuable and (sadly) easy targets.
Information to ransom, among other things that sebinspace said.
HIV diagnosis? STD diagnosis? Someone on hormones for gender-affirmijg purposes? Abortions? In places where these may or may not be legal or safe for such knowledge to be public, victims aren’t likely to think twice before panicking and paying up to not have their data leaked.