Reports of Healthcare IT Infrastructure Vulnerabilities Surge 341%
Reports of vulnerabilities in healthcare IT infrastructure increased 341 percent between 2017 and 2018, according to a recent study by Bugcrowd.
Source: Thinkstock
- Reports of vulnerabilities in healthcare IT infrastructure increased 341 percent between 2017 and 2018, according to a recent study by Bugcrowd.
The study, the State of Healthcare Cybersecurity 2019, is based on vulnerability reports submitted by security researchers.
“As the healthcare industry continues to move into the digital age, each new technology that provides value to patients, organizations, and caregivers also brings with it unique cybersecurity risks. IT systems, connected medical devices, digital health applications, electronic patient records – the list goes on,” explained Bugcrowd in a blog post.
“The industry hosts large swaths of confidential health and patient data, and unfortunately is one of the most targeted, with adversaries eager to find an entry-point into any system,” the blog post added.
Across healthcare organizations, more than 12 percent of all vulnerability submissions were classified as Priority 1 (P1), the most critical vulnerabilities.
The criticality scale for a vulnerability submission ranges from P1 to P5, 1 being the most critical, 5 being the least critical.
Around 16 percent were classified as P2, 42 percent were P3, 18 percent were P4, and 11 percent were P5.
“Cyber attacks in healthcare can compromise not only networks and data, but also threaten the applications and services supporting critical patient care systems. This evolving threat landscape in healthcare and migration to cloud-based infrastructure are giving rise to innovative programs such as crowdsourced cybersecurity,” the Bugcrowd report noted.
Three-quarters of healthcare vulnerabilities involves websites. Other areas of vulnerabilities include Internet of things, application programming interfaces, and mobile devices.
In the first quarter of 2019, total bug bounty payouts for healthcare vulnerability submissions by security researchers increased by 31.1 percent compared to same quarter last year. The average bug bounty payout for first quarter of 2019 was $1,088.16 per vulnerability, an 82.8 percent increase year-on-year.
