Foreign hackers, primarily from Russia and China, are increasingly seeking to steal Americans' health care records, according to a Department of Homeland Security analyst.

Mark Walker, who works in DHS' Critical Infrastructure Protection Division, told a workshop audience at the National Institute of Standards and Technology that the hackers' primary motive seems to be espionage.

"They've been focused on the [Department of Defense] – the military – but now are spreading out into the health care private sector," Walker said.

Early in 2007, a virus was placed on a Centers for Disease Control and Prevention Web site, he said, and in April a Military Health System server holding Tricare records was hacked.

Walker said the hackers are seeking to exfiltrate health care data. "We don't know why," he added. "We want to know why." At the same time, he said, it's clear that "medical information can be used against us from a national security standpoint."

Any health problems among the nation's leaders would be of interest to potential enemies, he said.

DHS is increasing its analysis staff to monitor threats in several industries, including health care, and will be issuing more alerts about cyberthreats to health care data, he said.

Walker urged the audience to report data breaches to the authorities. Only the Veterans Affairs Department consistently reports health data breaches, he said. As a result, he added, "our understanding of the cyberthreat to health and human services is vague at this point."

DHS wants to build a database of health information system intrusions so it can better analyze the threats and develop countermeasures, Walker said.

He said poor security practices among those who use health information systems and disgruntled employees are as much of a threat as cyber intruders.