Thursday 12 February 2015

First Comes Sony, Then Comes Anthem…

Last week Anthem Inc. became the latest in a seemingly endless string of corporations to succumb to a major security breach. The attack on Anthem, the second largest health insurer in the United States, is thought to have compromised the private data of up to 80 million people. Although Anthem has yet to determine who is behind the security breach, it has reported that the information accessed includes names, dates of birth, member ID/social security numbers, addresses, phone numbers, email addresses and employment information. 

Rarely has the news mentioned Anthem without also referencing Sony, the victim of another recent security breach. Rather than take the spotlight off its predecessor, the Anthem attack seems to have fed the media’s desire to continue to point to the Sony hack as a turning and tipping point in cybersecurity. Although the Sony attack currently threatens to overshadow that against Anthem, the latter is significant in its own right and must not be ignored.

Why does Anthem matter?

1. No industry is safe from hackers. The U.S. healthcare industry—a $3 trillion industry—is particularly vulnerable in part because it continues to use insecure, out-of-date computers.  Furthermore, the underground market price for health insurance credentials ($20) currently outweighs that of the average U.S. credit card ($1-$2). As an evolving threat, cybercrime has learned to go where access is easy and rewards are high.

      2. A cyberattack is no longer an isolated event; it is part of an accepted growing trend. The response to the Anthem hack has been that of expected acceptance, the inevitable next step in a post-Sony society. Rather than direct outrage at the attackers, the onus has been placed on the private and public sectors’ inabilities to protect their consumers’ data. U.S. Senator Angus King clearly stated the public’s frustration in a February 5 speech to Congress: “This week it is Anthem. A few weeks ago it was Sony. What is going to happen when it is the gas pipeline system, when it is the financial system, when it is the New York Stock Exchange, when people’s bank accounts disappear overnight? It is time for us to act, and it is time for us to act promptly.”  

      The Sony attack may have exposed global system vulnerabilities, but Anthem's recent breach provides proof that hackers are smart, everywhere, and here to stay.

No comments:

Post a Comment