Healthcare Hardest Hit by Cyberattacks, Data Breaches in 2018

Healthcare was the leading industry for cyberattacks and data breaches last year, making up 41 percent of cyber incidents tracked by specialty insurer Beazley.

By Fred Donovan

The financial services industry was in a distant second place, making up 20 percent of data breaches and cyberattacks, followed by education with 10 percent and professional services with 7 percent, based on data collected by the Beazley Breach Response (BBR) team from more than 3,300 cyber incidents.

Beazley found that the most common cause of a healthcare data breach was unintended disclosure by an employee, accounting for 31 percent of cyber incidents in the sector, although incidents of hack or malware attacks increased by 10 percentage points compared to 2017, to 30 percent of the total.

Healthcare was the second hardest-hit sector by business email compromise (BEC) among Beazley insureds after financial services, accounting for 22 percent of all cases. Financial institutions were the top industry, making up 27 percent of BEC attacks, followed by healthcare, education at 12 percent, professional services at 11 percent, manufacturing at 7 percent, retail at 5 percent, hospitality also at 5 percent, real estate at 3 percent, and other at 8 percent.

Compromised email accounts can be used for reconnaissance, spam attacks, and fraudulent wire transfers, as a launch point for other attacks within the network, and for theft of sensitive data in the compromised inbox.

Overall, BEC incidents soared 133 percent between 2017 and 2018, according to Beazley.

Nat Cross, Beazley’s global head of healthcare, said: “Healthcare providers are particularly vulnerable to attack by ruthless cybercriminals intent on getting their hands on sensitive data.”

“This comes at a high price for the healthcare sector for which patient care including protecting personal information is absolutely critical,” Cross added.

Healthcare bore the brunt of ransomware attacks in 2018, constituting 34 percent of attacks. There was a tie for second place, with financial institutions and professional services, each bearing 12 percent of ransomware attacks.

Other industries targeted by ransomware attacks include retail (8 percent), education (7 percent), manufacturing (6 percent), government (6 percent), real estate (4 percent), hospitality (3 percent), and other (8 percent).

Ransomware attackers are going after small and medium-sized enterprises (SMEs), which are often ill-prepared for an attack. In fact, 71 percent of ransomware attacks tracked by Beazley victimized SMEs.

The highest ransom demand reported to Beazley last year was $8.5 million. The highest ransom Beazley paid in 2018 was $935,000, and the average ransom demand and/or payment in 2018 was $116,324.

To combat ransomware, Beazley recommended that organizations train employees on how to recognize and avoid phishing attacks, segment backups to prevent the ransomware from spreading, close remote desktop protocol (RDP) ports, require multifactor authentication for any remote connection to the network or application, and enable automatic patching of operating systems and web browsers.

Recent variants of banking Trojans are capable of stealing credentials besides financial ones, are being used to deploy other types of malware, including ransomware, and can exfiltrate emails from Outlook.

“The threat posed by cyber criminals continues to grow in complexity as they devise new techniques to breach IT security and trick unsuspecting employees into allowing them access to systems,” said Katherine Keefe, global head of BBR Services at Beazley.

“Healthcare providers are disproportionately affected by certain forms of data breach because of the volume of sensitive data they hold,” she added.

“Unfortunately, we see these threats globally across all sectors and we strongly believe that education about the risks and preparedness are as important as IT security measures for protecting individuals and assets from cyberattacks,” Keefe concluded.