AI not yet a game-changer for healthcare hackers 

/in


New research into recent hacks waged against the healthcare sector gave cause for concern about the rise of generative AI and the likely part it will play in future phishing attacks. 

Artificial intelligence and generative AI top the list of emerging and prominent threats to the healthcare industry highlighted in a report published Thursday by Trustwave’s SpiderLabs team.  

Phishing remains the most common method for gaining an initial foothold in an organization, the report noted, indicating all it often takes for an intrusion to occur is a well-crafted email.  

Generative AI tools trained on large language models (LLMs) are designed to create content that mimics human behavior and language, such as the text of an email or computer code, for example.  

Yet despite its usefulness in conducting cyberattacks — as well as constant advancements in sophistication — AI has not significantly disrupted the current threat landscape, SpiderLabs reported.  

“While LLMs and other technologies categorized as AI seem to have matured at a near-miraculous rate over the past year, we don’t have any indication that LLMs have ‘changed the game’ in any substantive way beyond the existing cat-and-mouse games we’ve always worked against in the security industry,” reads part of the SpiderLabs report. 

Previously considered off-limits by some hackers, cyberattacks suffered by the healthcare sector can potentially result in dire consequences: numerous hospitals in the U.S. and abroad have endured ransomware attacks in recent years that temporarily rendered some of their computer systems inoperable, while data breaches within the industry have become regular occurrences.  

More than 28.5 million healthcare records were breached in 2022, or roughly double the number reported merely three years earlier, according to the U.S. Department of Health and Human Services. More recently, medical giant HCA Healthcare announced Monday that the personal data of about 11 million patients from 20 states may have been stolen in a newly discovered data breach.  

A more persuasive phishing email

Fruitful phishing attacks may yield myriad results, depending on factors such as the perpetrator, payload and target. In…

Source…