Finjan finds “crimeware” servers hosting medical and business data
Posted Jun 25 2008 5:09pm
Finjan, Inc., a maker of network security products, has amalicious page of the monthfeature on its website. High-tech criminals are especially clever and I’m always impressed with the degree of innovation they display. And of course it’s fairly obvious how publication of these malicious pages leads to interest in Finjan’s security offerings.
This month’s malicious page details how security was compromised at a couple of prominent US health care organizations. As I’ve discussed recently (seeWhy stolen personal health information is so valuable), medical records are particularly valuable to thieves. Their value has remained high even as the value of traditional targets of hackers (such as credit cards) has fallen.
Most of the stories I’ve seen focus on the theft of laptops or of individual patient records. What Finjan has discovered is a little bit worse: stolen Citrix credentials, which hackers can use to gain broad access to an organization’s health care files without leaving much of a trace.
In this podcast I interviewed Finjan’s Chief Technology Officer, Yuval Ben-Itzhak, who shed some light on what’s going on.