Insurers need to work with each other to build a more comprehensive picture of what they are dealing with and prioritize threats. "I wouldn't try to go figure it out alone," Barger says. Cooperation and sharing intelligence is a must. "We're all in the same boat and we should start acting like it."
Johnson rates the attackers' skills at 8 on a scale of 10. "You have to be pretty good to do this," he says.
Right now malware from these attackers is probably on systems that people think are not touched and that won't expose themselves by trying to communicate out for another year. "That's what I'm worried about," he says.
And health care enterprises aren't the only targets. Any business doing business with a target is also a target that could be used as a jumping off point to infiltrate the main objective's network, Johnson says.
"I don't believe this is the end," he says. "Other companies are finding out right now [that they are breached] or not, but they are. There was nothing extra vulnerable about Anthem or Premera."
Sign up for CIO Asia eNewsletters.