Fraud Management & Cybercrime , Healthcare , Industry Specific

Hospital CISO on Why Hackers Pursue Research, Pediatric Data

Stoddard Manikin on Why Pediatric Records and Research Are So Appealing to Hackers
Stoddard Manikin, CISO, Children's Healthcare of Atlanta

Hacks on hospitals are unthinkable to most, but the threat actors behind them have reasons. Cybercriminals use pediatric patient data to apply for loans while nation-states seek medical research, says the chief information security officer of one of the largest pediatric hospital systems in the United States.

Adversaries target pediatric records to carry out fake loans with victims potentially none the wiser for years while adult records are useful for insurance or prescription fraud, says Stoddard Manikin, CISO at Children's Healthcare of Atlanta.

See Also: NHS Ransomware Attack: Healthcare Industry Infrastructures Are Critical

Nation-states going after research data tend to be financially motivated and seek to make the attacks difficult to attribute, he also says (see: FBI: Hospital Averted 'Despicable' Iranian Cyberattack).

Then there's ransomware. "Ransomware attacks against the U.S. healthcare industry are up tremendously in the last few years. And unfortunately, we see a lot of our peer organizations impacted on a weekly basis," Manikin says. "When you get into hospital systems - some of which are a couple of hospitals, some of which are dozens or even hundreds - then they have no choice but to recover at great expense and great impact."

In a video interview with Information Security Media Group, Manikin also discusses:

  • The biggest security risks healthcare organizations face;
  • How ransomware attacks against hospitals have evolved;
  • Challenges around safeguarding patient and research data.

Manikin has more than 25 years of experience in information technology, security and privacy. He currently oversees security at three pediatric hospitals and 32 additional pediatric locations throughout Georgia. Prior to joining Children's Healthcare, Manikin spent more than three years at Logic Trends and FishNet Security, where he was responsible for pre-sales and delivery oversight of consulting services focusing on identity management, information security and regulatory compliance. Manikin joined Logic Trends from Ernst & Young, where he spent nearly seven years leading the Southeast area security services team as a senior manager.

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.