September 28, 2015 by Canadian Underwriter
The global healthcare industry witnesses 340% more cyber security incidents and attacks than the average industry, according to a recently released report from Raytheon | Websense, a company that helps protect organizations from cyberattacks and data theft.
The healthcare industry is a major target for cybercriminals, the company said in a press release issued on Friday, noting that healthcare records hold a “treasure trove” of data that is valuable to an attacker.
“No other single type of record contains as much personally identifiable information (PII) that can be used in a multitude of different follow-up attacks and various types of fraud,” the statement said. “Health records not only contain vital information on the identity of an individual (name, address, social security) but also often link to financial and insurance information.”
Access to PII allows an attacker to commit identity fraud, while the financial information can lead to financial exploitation. “This is a logical and profitable secondary attack area for cybercriminals who have already dealt in stolen credit card data,” the release said.
In particular, the Raytheon | Websense report, titled 2015 Industry Drill-Down Report – Healthcare, found that the healthcare industry is 400% more likely to be impacted by advanced malware and is more than 200% more likely to encounter data theft. One in every 600 attacks in the healthcare sector involves advanced malware, the report added.
In the United States alone, the Health & Human Services’ Office of Civil Rights estimates that the personal health data of up to 30 million Americans has been compromised since 2009. As of Sept. 15, the report added, 185 hacking or IT incidents involving unauthorized access to the personal health information of 500 or more individuals have so far been documented.
Raytheon | Websense researchers identified ongoing fluctuations of attack patterns throughout 2014 and 2015. The Dyre trojan, BrowseFox and different Dropper files have each taken a turn as the top type of threat encountered by the industry within the last six months alone, the report noted. Most surprising, however, was the massive and outsized proportion of attacks that use advanced malware to target the sector.
Dropper files are used to deposit a vast variety of malware and to open backdoors into systems, allowing attackers to establish and maintain residency on a system in an attempt to garner the information they find valuable, either for themselves (in the case of nation-state attackers attempting to gain intelligence) or for sale on the dark markets frequented by cybercriminals, the report explained. As an industry, healthcare is 376% more likely to encounter Dropper files than an average industry, the report added.
“It’s clear that with the amount of personally identifiable and proprietary information available and inherent as part of the healthcare industry, it will remain an attractive target to attackers and a potential weak point for untrained employees,” the report concluded. “Better, ongoing security training for employees as well as a thorough understanding of the specific and evolving cyber threats affecting their organizations and how to defend against them is the only way to counter breaches and the high cost of remediation.”