We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 – 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!
Incident response firm BreachQuest has released their latest report that examines top healthcare threat actors and methods, observations from past cyberattacks, and insights on ransomware incidence as well as actions and best practices organizations can take to be more secure.
With threat actors continuously innovating and utilizing upgraded variants of ransomware and malware, healthcare organizations must explore how they can increase their preparedness. Based on the data and unique challenges found in the healthcare vertical, the report provides perspective tips to ensure insurability mitigation and resilience for organizations. Some of the topics covered include botnets and healthcare; why healthcare data is so valuable; and how healthcare organizations should protect themselves when nearly two-thirds of their breaches come from vendors.
Although ransomware remains a common attack vector, the healthcare industry overall is a prime target to cybercriminals for a number of reasons. Sixty percent of the ransomware attacks in the healthcare industry took place within the United States. Because of the sensitive information the medical databases contain, the data is seen to be more valuable and is sold for more money on the dark web or in most cases, is held hostage until a ransom is paid. During the event of encryption, organizations lose many hours in attempts to restore operations and regain access to the data. Most importantly, organizations lose the ability to care for its patients. Ransomware attacks are costlier than other types of breaches, since the data is so sensitive and valuable.
Unfortunately, the healthcare industry has been slow in updating its outdated systems and keeping up with cybersecurity technology, most dedicating a smaller portion of their budget to cybersecurity compared to other sectors. In fact, only 4-7% of a healthcare provider’s IT budget is focused on cybersecurity. However, this number is expected to grow. Even though cybersecurity awareness may be increasing, cybercriminals are constantly finding ways to be better and faster.
There isn’t a simple solution for healthcare organizations and privacy. The complexity faced with nation-state attacks, zero-day attacks, spying, stolen trade secrets, misinformation and stolen finances will continue to be a problem for healthcare organizations. However, there are great people and organizations providing guidance, frameworks and information and knowledge sharing to help businesses and organizations, including healthcare.
The report includes original BreachQuest analysis and data along with pooled research from various sources.
Read the full report by BreachQuest.