New Report Shows Concerning Increase of Cyber Attacks in Healthcare

A report was recently released showing the growth and trends of malware, ransomware, and other cybersecurity threats from the past year. Overall, the use of cyber attacks increased from previous years. One industry that saw a major increase in cyber attacks? Healthcare.

In all industries, ransomware grew by 35% and malware increased by 24%. However, the healthcare industry saw that the number of cyber threats found every second doubled over the past year, with 478 threats each minute.

According to FBI data, between January and June of 2016 alone, there were over 4,000 ransomware attacks every day. The healthcare industry saw a 211% increase in cyber attacks just last year.

While the number of publicly disclosed security incidents in the healthcare industry went down by 78% in the fourth quarter of 2017, most of the incidents throughout the year were due to organizations not having the proper security practices.

“Healthcare is a valuable target for cybercriminals who have set aside ethics in favour of profits,” Christiaan Beek, McAfee Lead Scientist and Senior Principal Engineer, said. “Our research uncovered classic software failures and security issues such as hardcoded embedded passwords, remote code execution, unsigned firmware, and more. Both healthcare organisations and developers creating software for their use must be more vigilant in ensuring they are up to date on security best practices.”

With about three million patients visiting just urgent care clinics every week, the healthcare industry is a common target for cyber attacks. And with most healthcare organizations keeping digital records, cybercrime has become easier over the years.

Along with the failure to comply with security practices, the report found that the rise in cyber attacks in the healthcare industry was caused by outdated software, exposed servers, and improper protection of passwords. The research analysts studied possible attack paths hackers could have taken to healthcare data and they found exposed sensitive images and vulnerable software systems. With these attack pathways, analysts were able to reconstruct patient body parts from their records and images to print three-dimensional models.

The IT field is responsible for network administration and design as well as software programming. But without keeping updated software, this leaves servers at risk of being exposed and leading to stolen information. Without a disciplined, strict approach to cybersecurity, cyber hackers can take advantage of the too-easy targets and retract sensitive information from healthcare database systems, such as medical records and other personal data.

Among all industries, the fourth quarter of 2017 saw a rise of a new variety of cyber criminals, as a mass amount of unconventional criminal activities were used to obtain new revenue flow. Cybercriminals also targeted Android users with new apps that were developed especially for cryptocurrency mining, exposing users to attacks. They also continued to utilize fileless malware to use Microsoft PowerShell, which increased 432% throughout the entire year.

The report found 222 publicly disclosed cybersecurity incidents in the last quarter of 2017. Of these incidents in Q4, 30% took place in the Americas, with 14% in Europe, and 11% in Asia.