“Effectively monitoring and flagging unusual and/or inappropriate access to data that is not necessary for valid business use or required for patient care is a matter of real concern for this vertical,” the report added.
Fifteen percent of data breaches analyzed in the report involved the healthcare industry, placing it second only to the public sector in terms of data breaches, according to the DBIR. The report analyzed 41,686 security incidents and 2,013 confirmed breaches from 86 countries.
The healthcare industry had 466 cyber incidents, with 304 confirmed data breaches. Seventy-two percent of data breaches involved medical data, 34 percent involved personal information, and 25 percent involved credentials.
Sending Medical Data to the Wrong Person 'Plagues' Healthcare
The top three breach patterns include miscellaneous errors, privilege misuse, and web application misconfiguration. Sending data to the wrong recipient is a breach pattern “that plagues the healthcare industry. It is the most common error type that leads to data breaches,” the report related.
“Documents are a commonly compromised asset. This could be due to errors in mailing paperwork to the patient’s home address or by issuance of discharge papers or other medical records to the wrong recipient,” it added.
Ransomware attacks account for 70 percent of all malware incidents in the healthcare industry. This compares to 24 percent of all malware incidents across industries.
“Enterprises are increasingly using edge-based applications to deliver credible insights and experience. Supply chain data, video, and other critical – often personal – data will be assembled and analyzed at eye-blink speed, changing how applications utilize secure network capabilities,” said Verizon Global Enterprise President George Fischer.
“Security must remain front and center when implementing these new applications and architectures,” he noted.
The report noted that successful phishing attacks continue to plague healthcare organizations. These attacks dupe recipients into clicking on malicious links that can result in the compromise of data or credentials, which can be used to access the user’s cloud-based mail account.
“Technical IT hygiene and network security are table stakes when it comes to reducing risk,” said Fischer.
“It all begins with understanding your risk posture and the threat landscape, so you can develop and action a solid plan to protect your business against the reality of cybercrime. Knowledge is power, and Verizon’s DBIR offers organizations large and small a comprehensive overview of the cyber threat landscape today so they can quickly develop effective defense strategies,” he added.
DBIR Offers Advice to Healthcare IT Security Pros
The DBIR offered several security recommendations for healthcare IT security professionals.
First, they should know where the major data stores are located in their organization, limit access to that data, and track all attempts to access it. “Start with monitoring the users who have a lot of access that might not be necessary to perform their jobs, and make a goal of finding any unnecessary lookups,” the report advised.
Second, they should improve phishing reporting processes to more quickly “respond to early clickers and prevent late clickers.”
Third, they should review processes that transmit, publish, or dispose of medical information and ensure that these processes have checks to prevent mistakes leading to data breaches.
Across industries, the report found that senior executives are 12 times more likely to be the target of social engineering attacks and 9 times more likely to be the target of social breaches than in previous years. Financial motivation remains the key driver for these attacks.