Not long ago I spoke with the IRS about cyber attacks that target Americans’ identities and this is what I was told by two, not just one, agents.
The cyber attacks of any entity, not simply private or public, is an intelligence operation. What do I mean by that? The cyber attack is not just to interrupt smooth operations of the internet, but, is more or less an intelligence gathering activity.
The cyber attackers (yes, plural) enter any chosen entity and download any information they can find within that computer system. They don’t care about the security improvements after the cyber attack because they already have all the information they want.
So, what do they do with it? They start profiles on all the people they now have information. Initially, those profiles are incomplete, but, with additional attacks on other chosen entities the profiles become complete over time. Once the identity is complete that identity is used to carry out any purpose the hackers want to carry out, usually financial.
This is a serious issue. It is not the hospitals that currently experience these attacks but it is the companies and organizations, public and private, that SERVICE the healthcare industry. The cyber attack being reported today of an enormous payment system is typical of the entities involved in the leaks of personal identity characteristics.
The point is there is no such thing as internet security. Not really. There needs to be legislation that requires any and all entities that handle and/or require personal information of any American, including prisons, to have a very, very security system that cannot be breached. It is possible to have tight security around every Americans’ identity and it must be law to provide it.