In May, the annual Verizon Data Breach Investigations Report was released and provided in depth analytics about threats facing multiple industries. Data from the healthcare industry illustrates threat actors across all sectors are heavily financially motivated, but human error can be just as dangerous to a healthcare organization as a money motivated criminals and hackers. According to the report, 91% of industry agnostic breaches in North America were financially motivated. Within the healthcare vertical, error was associated with 31% of breaches – only slightly less than breaches that were associated with crimeware. Misconfiguration, specifically, has been an increased source of breaches within our vertical.
Despite error being an increased cause of concern, the Verizon Data Breach Investigations Report demonstrated that credential theft, phishing, business email compromise and other social engineering attacks caused more than 67% of breaches. As the economic downturn has increased with the COVID-19 pandemic, the Mi|HSOC has observed an increase in threats associated with phishing – both for credential harvesting and social engineering. This already effective method has proven to not only be more effective, but more popular as the pandemic has continued. Since the inboxes of many healthcare professionals contain PII or PHI, user training against phishing attacks is imperative. The Mi|HSOC agrees with the recommendation of the Verizon report that implementing a security awareness and training program (CSC 17) is a crucial and effective control.
Lastly, an increase in attacks associated with Web Applications was recorded. In our increasingly interconnected world, new patient communication apps and access to telehealth platforms promises to increase this attack vector. While reducing attack surface is a legitimate strategy used across all sectors, in healthcare it is not an option when it interferes or decreases access to patient care. Monitoring and controlling risk associated with healthcare specific webapps promises to be a progressively important priority for all healthcare cybersecurity teams going forward. Collaborating with partners that have access to up to date vulnerabilities and threats related to healthcare focused web apps is advisable. The Mi|HSOC concentrates on cybersecurity for the healthcare industry and risks associated with this highly specialized sector.
References: