* [Blog](https://www2.paloaltonetworks.com/blog)
* [Palo Alto Networks](https://www2.paloaltonetworks.com/blog/corporate/)
* [Cybersecurity](https://www2.paloaltonetworks.com/blog/category/cybersecurity-2/)
* Will Healthcare Providers...

# Will Healthcare Providers Be the Next 'Target' for Cybercriminals?

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2014%2F05%2Fwill-healthcare-providers-next-target-cybercriminals%2F)  
[](https://twitter.com/share?text=Will+Healthcare+Providers+Be+the+Next+%E2%80%98Target%E2%80%99+for+Cybercriminals%3F&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2014%2F05%2Fwill-healthcare-providers-next-target-cybercriminals%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2014%2F05%2Fwill-healthcare-providers-next-target-cybercriminals%2F&title=Will+Healthcare+Providers+Be+the+Next+%E2%80%98Target%E2%80%99+for+Cybercriminals%3F&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www2.paloaltonetworks.com/blog/2014/05/will-healthcare-providers-next-target-cybercriminals/&ts=markdown)  
\[\](mailto:?subject=Will Healthcare Providers Be the Next ‘Target’ for Cybercriminals?)  
Link copied  
By [Palo Alto Networks](https://www.paloaltonetworks.com/blog/author/palo-alto-networks-staff/?ts=markdown "Posts by Palo Alto Networks")  
May 19, 2014  
4 minutes  
[Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown)  
[Healthcare](https://www.paloaltonetworks.com/blog/category/healthcare/?ts=markdown)  
[Vertical](https://www.paloaltonetworks.com/blog/category/vertical/?ts=markdown)  
[Application Visibility and Risk Assessments](https://www.paloaltonetworks.com/blog/tag/application-visibility-and-risk-assessments/?ts=markdown)  
[AVRs](https://www.paloaltonetworks.com/blog/tag/avrs/?ts=markdown)  
[cybercriminal](https://www.paloaltonetworks.com/blog/tag/cybercriminal/?ts=markdown)  
[healthcare](https://www.paloaltonetworks.com/blog/tag/healthcare-2/?ts=markdown)  
[personal health information](https://www.paloaltonetworks.com/blog/tag/personal-health-information/?ts=markdown)  
[PHI](https://www.paloaltonetworks.com/blog/tag/phi/?ts=markdown)

A few weeks ago, the [FBI warned U.S. healthcare providers](http://www.securityweek.com/fbi-issues-warning-healthcare-industry-cyber-security-report) that their cybersecurity systems are more vulnerable to hacking compared to other sectors such as retail.

That's a significant statement because, let's face it, the retail sector has had tough year in cybersecurity. From 40 million credit and debit card numbers stolen from Target and 1.1 million credit and debit card numbers stolen from Neiman Marcus to an eight-month-long security breach at Michael's, it's retail that's dominated the security breach headlines lately, not healthcare.

But let's examine the FBI's reasoning, which includes that personal health information may be even more valuable now than credit card information.

For starters, with all the recent breaches in retail, the online black market for credit cards is currently flooded with supply far exceeding demand driving down prices and therefore cyber criminal profits. Last year, [Dell SecureWorks reported](http://www.darkreading.com/attacks-breaches/hackers-hawk-stolen-health-insurance-information-in-detailed-dossiers/d/d-id/1140126) that in black markets online, U.S. credit card numbers are only selling for $1 to $2 on average while U.S. heath insurance credentials sell for up to $20. That's a wide and attractive margin.

At the same time, costs for obtaining credit card information from the retail sector by means of criminal hacking are increasing. The sheer extent of the news coverage of Target and other retail breaches -- and the resulting loss of consumer confidence -- have prompted that industry to not only prioritize security but also to increase spending to bolster prevention, detection, mitigation and forensics capabilities significantly. That means higher costs, lower payoffs, harder work and more risk for cyber crooks who will likely begin to look for greener pastures elsewhere -- such as healthcare.

Like credit cards, personal health information (PHI) can be used to commit basic financial fraud. But unlike credit cards, which have elaborate fraud detection systems in place to detect and prevent abuse, it may take weeks or even months for victims to realize their personal health information has been stolen. This makes personal health information much more valuable than basic credit card information to cyber criminals. And unlike a credit card number which can be simply cancelled, PHI is much more complicated and much more difficult to deny or restrict access to, so thieves may be able to continue to use it for some time even after the loss has been reported to authorities. Finally, and even more disturbing, is that with access to medical records, criminals can also impersonate patients and obtain prescriptions for controlled substances.

Having personally been involved with over 30 Application Visibility and Risk Assessments (AVRs) completed in hospitals over the past year, I can attest that the threat is very real. I've seen it all: Botnets, malware, medical device hacking, brute force attempts, DDoS attacks, unauthorized applications, a surprising amount of Pinterest, an unbelievable level of bandwidth abuse, potential confidential Personal Health and financial data loss and a ton of unknown UDP.

While the results of an AVR can be disturbing, they can also be a much needed wakeup call. Completing an AVR with Palo Alto Networks is really the best first step a healthcare organization can take to improve it's security posture by gaining immediate visibility into what both authorized and potentially unauthorized users are doing on the network.

Generating an AVR is simple and non-invasive. Working with a Palo Alto Networks sales engineer, all that is required is to plug an evaluation box into a span port on your network and within 15 minutes you will begin to see real time network details on applications, users, malware, botnets and likely much, much more you didn't even know was there.

After seven days of data collection, an AVR report can be generated that will provide a complete diagnostic and checkup on your organization's overall cyber security health. While it contains no personal or organizational specific information it does include tons of valuable statistical data that can be easily understood by both security professionals and administrators which helps facilitate a candid and fact based discussion on how best to move forward improving organizational security.

If you're interested in completing an AVR report with Palo Alto Networks you can contact your local sales team or [request one here](http://connect.paloaltonetworks.com/AVR) and see what you've been missing.

The FBI has proactively issued this warning to healthcare providers rather than wait for a wake-up-call such as the Target breach to motivate change in the sector, which is a good thing. The healthcare industry would be wise to heed it; get an AVR checkup done immediately and don't let your healthcare organization become the next Target.

*** ** * ** ***

## Related Blogs

### [Healthcare](https://www.paloaltonetworks.com/blog/category/healthcare/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/sase/category/use-cases/?ts=markdown)

[#### How Zero Trust Accelerates a More Secure Infrastructure for Healthcare](https://www2.paloaltonetworks.com/blog/sase/how-zero-trust-accelerates-a-more-secure-infrastructure-for-healthcare/)

### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown), [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Data Security](https://www.paloaltonetworks.com/blog/category/data-security/?ts=markdown)

[#### Cloud Native Security for the Healthcare Industry](https://www2.paloaltonetworks.com/blog/cloud-security/cloud-native-security-for-the-healthcare-industry/)

### [CSO Perspective](https://www.paloaltonetworks.com/blog/category/cso-perspective/?ts=markdown), [Healthcare](https://www.paloaltonetworks.com/blog/category/healthcare/?ts=markdown), [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown)

[#### Healthcare Hot Seat: 3 Things to Remember About Cloud Compliance](https://www2.paloaltonetworks.com/blog/2019/02/healthcare-hot-seat-3-things-remember-cloud-compliance/)

### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Healthcare](https://www.paloaltonetworks.com/blog/category/healthcare/?ts=markdown)

[#### This Is The Year to Prioritize Cloud Security In Healthcare](https://www2.paloaltonetworks.com/blog/2017/03/year-prioritize-cloud-security-healthcare/)

### [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Next-Generation Firewalls](https://www.paloaltonetworks.com/blog/network-security/category/next-generation-firewalls/?ts=markdown), [Predictions](https://www.paloaltonetworks.com/blog/category/predictions/?ts=markdown)

[#### 2017 Cybersecurity Predictions: Sure Things and Long Shots](https://www2.paloaltonetworks.com/blog/2017/01/2017-cybersecurity-predictions-sure-things-long-shots/)

### [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Vertical](https://www.paloaltonetworks.com/blog/category/vertical/?ts=markdown)

[#### Palo Alto Networks and the Virginia Governor's Office --- Taking Cybersecurity Education to Virginia Schools](https://www2.paloaltonetworks.com/blog/2015/07/palo-alto-networks-and-the-virginia-governors-office-taking-cybersecurity-education-to-virginia-schools/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language