Why are hackers targeting insurance companies?

Hackers broke into a database at Anthem, the nation’s second largest health insurance provider, which contained names, social security numbers, income data and addresses of 80 million people. Judy Woodruff speaks with Mark Bower of Voltage Security about who might be behind the attack and why they would want to target an insurer.

Read the Full Transcript


    Today's disclosure of a major hacking attack on the nation's second-largest health insurer, Anthem, is setting off alarms about cyber-crime at a new level.

    Hackers were able to crack a database that included records for 80 million people. The cyber-criminals were able to get names, addresses and e-mails, as well as Social Security numbers and income. But hospital and doctor information related to patients wasn't hacked.

    Bloomberg News reported that investigators believe Chinese state-sponsored hackers are involved.

    Mark Bower is a noted expert on these issues. He's also a vice president at Voltage Security in California.

    Mark Bower, welcome.

    So, compared to the hacks we have seen until now, how serious is this one?

  • MARK BOWER, Voltage Security:

    Well, certainly, we have just started the year off with a bang in terms of data breaches; 80 million records is a very substantial amount, so this is quite a serious attack

    And the nature of the data, you have got lots of personal data that can potentially be monetized. It's going to be very inconvenient for those individuals and also quite costly for the organization that this affects.


    It is possible to know at this point who is behind this? You — we mentioned the Bloomberg news report that it's potentially the Chinese. They mentioned a group called Deep Panda.


    It's not clear yet. We only have a couple data points on information like that.

    But, fundamentally, there's got to be some organized crime behind this or very well-organized attackers to be able to get into these types of systems and steal this volume of data. And we shouldn't forget that these types of attacks are pretty much expected these days.

    We have seen breaches of this nature across the board over the last decade. And, in fact, the volumes of data that have been stolen are actually staggering these days.


    What can the people behind this data breach do with this information?


    So, it depends on the — their motive in the end. But, ultimately, if you have stolen large amounts of personal information, whether you have got Social Security numbers, name and address, date of birth, all that kind of stuff — and in this case, it seems like there's also employment history and income data — well, you can start to create identity theft situations, where you're actually stealing people's information or identity to commit fraud.

    But, more importantly, there is also the risk of side effects, that this type of data can actually result in attacks that are more targeted. So, for example, we might have an individual that is maybe a wealthy individual, and the attacker can go now after them more specifically based on the information that they have about them in what we call a spear phishing attack.

    And that might involve going after them with targeted e-mails, even phone calls, to try and get them to reveal more data that then can be used in a compromise or for further identity theft.


    So for individuals who either now or did have health coverage through Anthem, what should they be on the lookout for?


    So, after these types of attacks, what we often see is a wave of spam e-mails. Those are those fake e-mails that are often trying to lure people into Web sites where there may be viruses and malware, the more sinister phishing attacks, which might be there to lure people to Web sites to then download malware that will actually steal further information from their own personal computers or maybe even get into their bank accounts and so on with online banking.

    So people have to be vigilant to make sure that they're not seeing e-mails that look suspicious and clicking on things there. And also be wary of things like phone calls, for instance, from organizations that may be purporting to be from service providers that may be related to Anthem, but they're actually criminal gangs trying to get more information from consumers that can then be used for further fraud or accessing their bank account or accessing their computers and so on.


    Just quickly, Mark Bower, how would you rank or rate the security system at a company like Anthem? I mean, obviously, it was breached, but had they taken all the steps that a big company is supposed to take?


    That's hard to say.

    But even the best-prepared organizations can often succumb to these types of attacks. What we have found over the last several years is that the attackers are becoming much more sophisticated. The malware is becoming much more advanced. And it just takes one vulnerability to be able to bypass those traditional perimeter defenses, the firewalls and the log-in and the intrusion detection, to get into the heart of these systems.

    And once they're in there, it's too late. The information can be stolen, monetized. And we see victims, as we have seen today.


    Well, it's certainly got a lot of people's attention.

    Mark Bower with Voltage Security, we thank you.


    Thank you very much.

Listen to this Segment