Plan’s centralized data causes increase in identity theft

Troy Lambert 5-15, Freelance writer, editor, and author, 5-15-2017, "Cyber Attacks in Britain
Highlight Vulnerability of Healthcare," Unbound Northwest,
http://unboundnorthwest.com/index.php/2017/05/15/cyber-attacks-in-britain-highlight-
vulnerability-of-healthcare/
Healthcare is one of the most data-rich industries in the world, and the system has
incredibly desirable data. Not only are names, addresses, phone numbers, social
security numbers and every piece of information needed to steal a person’s identity
in their records, but so is information that could lead to blackmail, fraud, or con games of
many nefarious sorts. The attacks that shut down many of Britain’s hospitals, including emergency
rooms, was a perfect storm of ransomware using a hacking method it is believed was developed by the NSA as one of their
“cyberweapons.” The attacks began with a simple phishing email like the one Russian hackers used in the attacks on the Democratic
National Committee and other targets last year. After spreading through the computer systems of the victims, their data was
encrypted and access was denied, including to patient records in Britain. The hackers then demanded ransom for the users to be let
back in starting at $300 for individual computers and going up from there. It was unclear who was paying, but the attacks hit as
many as 125 countries around the globe. This highlights the vulnerability of many of the systems we rely on
every day, healthcare being one of the primary ones. Denial of Service is just one part of the puzzle. However, imagine the
centralized EHR system envisioned by the ACA, a central location where all of American’s
medical records could be accessed. “Hackers and cyber criminals are no longer only after
our credit cards to make a few purchases and ruin our finances,” Twila Brase, president and co-founder of
Citizens’ Council for Health Freedom stated in 2015. “ The intent of government actors is much more
sinister, and advancing a national initiative to combine Americans’ private medical
records into one unsecured system opens the door not only to standard criminals but also
to those who are a potential threat to our national security.” Imagine losing control of that,
or a ransomware attack on such a silo of information. How much would it be worth to unlock it? The
healthcare system talks a lot about security and keeping patient records and information
confidential. But how well are we doing?

That’s key to every global terror operation

Frank S. Perri & Richard G. Brody 11. Legal Department for the County of Winnebago,
Winnebago, Illinois, USA, and Anderson School of Management at the University of New
Mexico. 01/04/2011. “The Dark Triad: Organized Crime, Terror and Fraud.” Journal of Money
Laundering Control, vol. 14, no. 1, pp. 44–59.
C. Identity fraud According to identity fraud expert Judith Collins from the Michigan State University Identity Theft Crime and
Research Lab., “All acts of terrorism enacted against the United States have been
facilitated with the use of a fake or stolen identity (Koerner, 2005, para. 1).” Collins indicates that 5
percent of all identity thieves are connected to terrorism and 2 percent, specifically to Al-
Qaida (Koerner, 2005). In fact, the Al-Qaida terrorist involved in the September 11, 2001 attacks
had opened 14 bank accounts using several different names, all of which were fake or stolen
(Koerner, 2005). Terrorists often use stolen or fabricated Social Security numbers, credit cards and
passports to create false identities and pay for their operations (Scott, 2003). Identity theft is
possibly one of the most lucrative enterprises which terrorists have engaged in and they get
much more than money from this crime; identity theft facilitates terrorist goals of avoiding
watch lists, obscures their whereabouts, assist in terrorist funding activities and
gaining unauthorized access to entry points such as airline gates, border crossings, or
other facilities (Gartenstein and Dabruzzi, 2007). One critical aspect of identity theft, according to Denis
Lormel, formerly of the FBI’s Terrorism Review Group, is the “cloak of anonymity” that it provides;
identities are often stolen in order to carry out such violations of federal law as bank fraud, credit
card fraud, wire fraud, mail fraud, bankruptcy fraud, and computer crimes (Lormel, 2002, para. 2). Moreover, this
cloak of
anonymity means that “[t]he use of a stolen identity enhances the chances of success in the
commission of almost all financial crimes” which again enhances the importance of forensic examiners to
unravel identity mysteries (Lormel, 2002, para. 2). The 9/11 Commission Report established that terrorists have committed identity
fraud noting that travel documents are as important as weapons (Commission Report of 9/11, 2004).
Terrorists must travel clandestinely to meet, train, plan, case targets, and gain access to attack
(Poole, 2007). Furthermore, despite the passage of the Identity Theft and Assumption Deterrence Act of 1998, identity theft
remains a crime that is fairly simple to commit and for which no solution to prevention
currently exists. Terrorists continue to take advantage of the situation and attempts to develop methods to combat identity
theft (e.g. biometrics) have met with strong resistance in the USA from civil liberties organizations.

ISIS launches cyber attacks

Largs G. A. Hilse 14, Web Strategy & E-Business Development Cosultants, “RISKS OF ISIS-
CYBER-TERRORISM,” September 2014,
https://www.academia.edu/11915903/ISIS_Cyber_Terrorism_Analysis, DOA: 8-6-15, y2k
Recruiting Professionals ISIS and previous extremist-movements are experienced in
recruiting followers for their cause online 5 , so looking in other online-forums for IT security professionals is merely a
minor change in procedure. Convincing hackers, who find pleasure in making use of things in ways that were unintended, is quite
easy. Even ethical concerns tend to loosen with a budget of USD $2+ billion 6 . Furthermore, a
cyber-attack can be
compartmentalized, so that subject matter experts might be hired to work on a particular piece of software that is - by
itself - harmless. Only when put into greater context does it become harmful, without the people creating it being aware of the
intended use. Adding to the simplicity is the fact that large
quantities of the knowledge required to orchestrate
a large-scale cyber-attack are available in the public domain, and can be easily retrieved
performing searches for topics such as "penetration testing" or similar terms. Because they are people of the internet, most of the
subject matter experts required for such a project will prefer Bitcoin over conventional cash for a variety of reasons. For one, the
assets received in form of Bitcoin can be easily laundered and the source can be entirely obscured. If all fails, the claim is made that
the large sum of money originated from early Bitcoin mining operations 7 . Furthermore, it is easier to transport. Even large sums of
Bitcoin fit onto a USB drive, and can therefore cross borders without a customs official even having a hint that a perpetrator is
walking by them with the equivalent of several million US Dollars on their person An impressive, but largely useless Armory Their
expansion in Iraq has granted ISIS access to several conventional arms, among which are tanks, armored vehicles, howitzers along
with other towed artillery. An estimated 30 T-55 and T-72 battle tanks, SA-7 and FIM-92 shoulder mounted Stinger missiles, rocket
launchers, etc. on the offensive, and instruments such as the ZU-23-2 anti-aircraft guns, M79, HJ-8 and AT-4 anti-tank weapons on
the defensive side are in their possession 8 . Ongoing attempts to obtain chemical or biological agents 9 , and their deployment in
western countries is unlikely due to the high difficulty of shipping such agents undetected In terms of nuclear capabilities, ISIS
captured some 40kg of low-grade uranium compounds from a research facility in Mosul, but are far from weaponising it 10 . While
this presents an impressive arsenal, which is very useful in their current AO, deploying these weapons to strike the west is - again -
nearly impossible Necessary Transition The
jihadist-movement has repeatedly been referred to as being very
tech-savvy 11 , so in spite of the post 9/11 scrutiny, and its dynamic strategy adjustments of the
past, it is a conceivable opportunity that it will resort to acquiring the expertise necessary to
conduct large-scale cyber attacks. One of an extreme number or possible threat scenarios
resulting thereof is a prolonged internet outage. The western internet infrastructure currently has
approximately 60 Tbps available bandwidth 12 . A 2014 DDoS attack on Spamhaus 13 , an organization specializing in spam
prevention, reached 400Gbps 14 . In a speech at the 2013 Defcon Conference in Las Vegas, Cloudflare CEO Matthew Prince not only
stated that such
large-scale attacks don't require a lot of technical expertise, but that attacks of
12Tbps are realistic 15 . Those orchestrating an earlier attack on Spamhaus in March 2013 would later attack the London
Internet Exchange (LINX), the Amsterdam Internet Exchange (AMS-IX), the Frankfurt Internet Exchange (DE-CIX), and the Hong
Congesting
Kong Internet Exchange (HKIX), all of which are critical hubs in the internet infrastructure of the western world 16 .
12Tbps of the available 60Tbps of the west's
available internet bandwidth would have significant impact on
a society, in which almost any industry or part of personal lives rely heavily on network
connected infrastructure. From our personal and business communication, over traffic lights, the trains
we use to commute, up to the power- and water-treatment-plants we take for granted Ð nearly everything only works
because it is connected to the internet. An organization like ISIS would seek to create
large-scale interruption and/or damage upon the culture they despise, and favor this broadsword
attempt to cause the highest possible damage, while cyber-attacks can also be exceptionally
surgical and precise. The internet wasn't designed with security in mind, because in its infancy it was a closed circuit
system, never intended to go public. Therefore, all security measures becoming necessary for the commercial ways in which the web
is being used/misused are built upon an exceptionally vulnerable infrastructure

Grid attacks cause nuclear war

Robert Tilford 12, Graduate US Army Airborne School, Ft. Benning, Georgia, “Cyber
attackers could shut down the electric grid for the entire east coast” 2012,
http://www.examiner.com/article/cyber-attackers-could-easily-shut-down-the-electric-grid-
for-the-entire-east-coa ***we don’t agree with the ableist language
To make matters worse a cyber attack that can take out a civilian power grid, for example could also cripple
destroy the U.S. military.¶ The senator notes that is that the same power grids that supply cities and towns,
stores and gas stations, cell towers and heart monitors also power “every military base in our country.”¶
“Although bases would be prepared to weather a short power outage with backup diesel generators, within hours,
not days, fuel supplies would run out”, he said.¶ Which means military command and control centers could
go dark.¶ Radar systems that detect air threats to our country would shut Down completely.¶
“Communication between commanders and their troop s would also go silent. And many weapons
systems would be left without either fuel or electric power”, said Senator Grassley.¶ “So in a few short
hours or days, the mightiest military in the world would be left scrambling to maintain base
functions”, he said.¶ We contacted the Pentagon and officials confirmed the threat of a cyber attack
is something very real.¶ Top national security officials—including the Chairman of the Joint Chiefs, the Director of the
National Security Agency, the Secretary of Defense, and the CIA Director— have said, “preventing a cyber attack and improving the
nation’s electric grids is among the most urgent priorities of our country” (source: Congressional Record). ¶ So how serious is the
Pentagon taking all this?¶ Enough to start, or end a war over it, for sure. ¶ A cyber attack today against the US could very well be
seen as an “Act of War” and could be met with a “full scale” US military response.¶ That could
include the use of “nuclear weapons”, if authorized by the President.