Florida Medicaid Hack Brings Security Flaws Back To Forefront

Florida Medicaid Hack Brings Security Flaws Back To Forefront

Last week ended with an announcement from officials in Florida reporting a data breach which exposed the personal details of some 30,000 Medicaid recipients. According to officials of the state's Agency for Health Care Administration, the breach occurred some two months ago and was caused by a state worker falling victim to a phishing scheme. The personal details compromised included everything from Social Security numbers to contact information to medical conditions.

The incident raises a few alarm bells.

State officials insist that there is “no reason to believe" the data compromised in this attack has been misused (at least yet). The concern, however, is broader than the consequences of this particular hack. The question that Americans - not just Floridians - should be asking is: what does the hack say about the data security of vital infrastructure like nationalized healthcare systems?  

This is not the first time a government healthcare system has been breached in recent memory. In April of 2012, the Utah Department of Health experienced a similar large-scale hack. Utah officials estimated that as many as 780,000 patients were affected by the data breach. Of those, 280,000 had their Social Security numbers exposed.

In February 2014, US Intelligence agencies warned the Obama administration that the cyber infrastructure supporting the Affordable Care Act was highly susceptible to attack. At the time, specific threat actors targeting the government site had already been identified. Today, researchers are still discussing the security implications of Obama Care and the challenges facing the federal government.

The WannaCry epidemic that devastated NHS hospitals in Britain last May showed that the trend of weak security practices in government healthcare systems is not limited to the United States.

It is interesting to note that the Florida breach came to light at the same time as another important incident highlighting the cyber threat to critical infrastructure. On December 14, researchers at cybersecurity firm FireEye reported a malware attack on the command controls of a power station at an unspecified location the United States. According to the report, the malware was designed to interact with Triconex Safety Instrumented System (SIS) controllers deployed at the station. FireEye stated that the penetration was designed to remotely halt the functions of the SIS. The report shows that several signs pointed to a “state actor” being behind the attack and that the breach was consistent with the strategy of nations targeting the “critical infrastructure” of international foes.

To draw any connection between these two incidents, particularly at this early stage, would be jumping the gun. However, both of the incidents underline the systemic problem of weak security of critical infrastructure in the United States.

Officials in Washington have been pushing plans to bolster security for critical infrastructure at a national level for some time. Hopefully, the lessons learned from these and similar breaches will help form the framework for policies to effectively secure these cyber assets.