Norton Security describes bots as Internet robots, also called spiders, crawlers and web bots.

Healthcare organizations are beginning to look to bots to perform automated tasks, such as indexing a search engine.

However, these automated applications can also be used maliciously as malware to gain total control of a computer or information system.

After a bot is in an environment, it can access insurance accounts, provider organization accounts, patient portal accounts and vendor accounts, says Reid Tatoris, vice president of product outreach at Distil Networks, a cybersecurity company specializing in bot detection and mitigation.

A hacker can use a bot to access accounts and find test results; financial information such as bills; payments made through debit, credit or health savings accounts; and patients’ Social Security numbers, he says.

That information can include more than just basic health information, he adds. A bot may cull insurer information from a patient, for example, and find whether a patient has a mortgage, doctors that the patient has seen, personal health information, medications and the pharmacies that a patient uses. It’s a perfect recipe for identity theft, Tatoris contends.

“If a patient has a prescription for opioids, the hacker can see that, grab the prescription, go to the patient’s pharmacy, state the patient’s name and address, and walk out with the opioids,” says Tatoris. “Anyone with PHI online is a target.”

Ten years ago, hackers were setting up bots in Russia, but neither the bots nor the perpetrators were sophisticated, Tatoris explains. Today, bots are attacking medical devices and using individuals’ own computers to attack other victims. And it’s difficult to block a bot because the location of the bot can change every day.

Fortunately, there are some steps that can make a hacker’s task more difficult, such as having multiple strong passwords. If an individual uses the same password for accessing insurance information and accessing an account at a Target store, those are now known sites to a hacker, who can use the password to find more sites.

Healthcare organizations routinely monitor web traffic coming into a facility, but they may not be monitoring certain metrics, according to Tatoris. Questions to consider include “How frequently are we seeing this user?” “How often is the user moving the mouse?” “Is the user acting like most other users would act, or is the user working very fast in a robotic mode and not acting as a human would act?”
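
One way to turn the three questions above into per-session checks, as an added example that is not from the article or from Distil Networks. The event format, signal names and thresholds are assumptions chosen for illustration, and the sample events are constructed.

```python
from collections import defaultdict
from statistics import median

# Constructed sample events: (session_id, seconds_since_start, kind).
# "request" = page load; "mouse" = pointer movement reported by the client.
SAMPLE_EVENTS = [
    ("s-human", 0.0, "request"), ("s-human", 1.2, "mouse"),
    ("s-human", 3.9, "mouse"), ("s-human", 14.0, "request"),
    ("s-human", 15.5, "mouse"), ("s-human", 41.0, "request"),
    ("s-human", 43.0, "mouse"),
    ("s-bot", 0.0, "request"), ("s-bot", 0.4, "request"),
    ("s-bot", 0.8, "request"), ("s-bot", 1.2, "request"),
    ("s-bot", 1.6, "request"), ("s-bot", 2.0, "request"),
]

# Assumed thresholds; tune against your own baseline traffic.
MAX_REQ_PER_MIN = 30      # how frequently the user is seen
MIN_MEDIAN_GAP_S = 1.0    # working faster than a person would
MIN_MOUSE_PER_REQ = 0.5   # how often the mouse moves

def score_sessions(events):
    """Return {session_id: {"metrics", "reasons", "flagged"}}."""
    by_session = defaultdict(lambda: {"request": [], "mouse": []})
    for sid, ts, kind in events:
        if kind in ("request", "mouse"):   # ignore unknown event kinds
            by_session[sid][kind].append(ts)
    report = {}
    for sid, ev in by_session.items():
        reqs = sorted(ev["request"])
        if len(reqs) < 2:
            continue                       # too little data to judge
        gaps = [b - a for a, b in zip(reqs, reqs[1:])]
        span = max(reqs[-1] - reqs[0], 0.001)   # avoid division by zero
        metrics = {
            "req_per_min": (len(reqs) - 1) / span * 60,
            "median_gap_s": median(gaps),
            "mouse_per_req": len(ev["mouse"]) / len(reqs),
        }
        reasons = []
        if metrics["req_per_min"] > MAX_REQ_PER_MIN:
            reasons.append("high_rate")
        if metrics["median_gap_s"] < MIN_MEDIAN_GAP_S:
            reasons.append("fast_cadence")
        if metrics["mouse_per_req"] < MIN_MOUSE_PER_REQ:
            reasons.append("no_pointer_activity")
        # Require two signals so one odd metric does not flag a person.
        report[sid] = {"metrics": metrics, "reasons": reasons,
                       "flagged": len(reasons) >= 2}
    return report
```

Keying on session rather than source address matters here because, as noted earlier, a bot's location can change every day.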

Tatoris contends that providers really should not try fighting the bot war on their own. “There’s no way for a provider to do this; you are not an expert at bots,” he adds. “It’s an arms race, and if you see bots on your site, it turns into a game of whack-a-mole,” indicating that it’s difficult to keep up with an automated application that disappears and then reappears somewhere else in a system.
