Your Life, Repackaged and Resold: The Deep Web Exploitation of Health Sector Breach Victims

Despite being the most at-risk and perpetually breached critical infrastructure sector in the Nation, virtually all health sector organizations refuse to evolve their layered security to combat a hyper-evolving threat landscape. As a result, when a healthcare system is breached and patient records are stolen, the entire brutal impact of the incident that resulted from poor cybersecurity on behalf of the healthcare organization is forced onto the shoulders of the victim to deal with for the rest of their life.

In this publication, the Institute for Critical Infrastructure Technology (ICIT) is lifting the veil on how adversaries utilize Deep Web marketplaces and forums to buy and sell exploits, services, and electronic health records. Specifically, this report includes:

- Screenshots of actual Deep Web markets and forums where exploits and electronic health records are sold and bartered
- An analysis of why attacks against the health sector are so prevalent and how apathy on the part of health sector executives is empowering the adversary
- A primer of the Deep Web and the most popular market places and forums for EHRs
- A discussion on the impact stolen EHRs have on victims including the likelihood of exploitation, the fiscal cost to individual victims, the physical toll of EHR exploitations, and an analysis of high-risk victims