Healthcare Sector Continues to Battle Ransomware, Insider Attacks

May 8, 2019
Ransomware incidents accounted for over 70 percent of all malware outbreaks in healthcare, according to Verizon’s 2019 report

Verizon has released the 2019 version of its Data Breach Investigations Report, which found that for the second year in a row the healthcare market is the only industry to show a greater number of insider attacks (59 percent) than external (42 percent).

The annual report provides a global view of cyberattacks from malware to insider threats to cyber espionage, and this year’s report analyzes more than 41,000 cybersecurity incidents and over 2,000 data breaches from 86 countries.

 The report notes that with internal actors, “the main problem is that they have already been granted access to your systems in order to do their jobs. Effectively monitoring and flagging unusual and/or inappropriate access to data that is not necessary for valid business use or required for patient care is a matter of real concern for this market. Across all industries, internal actor breaches have been more difficult to detect, more often taking years to detect than do those breaches involving external actors.”

Denial-of-service attacks are infrequent in healthcare, the report notes, but availability issues arise in the form of ransomware. Most ransomware incidents are not defined as breaches in the Verizon study due to their lack of the required confirmation of data loss. But healthcare organizations are required to disclose ransomware attacks as though they were confirmed breaches due to U.S. regulatory requirements. That factor influences the number of ransomware incidents associated with the healthcare sector. Nevertheless, this is the second straight year that ransomware incidents were over 70 percent of all malware outbreaks in the sector.

This year’s report also found that across all sectors the growing trend to share and store information within cloud-based solutions is exposing companies to additional security risks. Verizon analysts found that there was a substantial shift toward compromise of cloud-based email accounts via the use of stolen credentials. In addition, publishing errors in the cloud are increasing year-over-year. Misconfiguration (“Miscellaneous Errors”) led to a number of massive, cloud-based file storage breaches, exposing at least 60 million records analyzed in the Data Breach Investigations Report dataset. This accounts for 21 percent of breaches caused by errors.

Sponsored Recommendations

How Digital Co-Pilots for patients help navigate care journeys to lower costs, increase profits, and improve patient outcomes

Discover how digital care journey platforms act as 'co-pilots' for patients, improving outcomes and reducing costs, while boosting profitability and patient satisfaction in this...

5 Strategies to Enhance Population Health with the ACG System

Explore five key ACG System features designed to amplify your population health program. Learn how to apply insights for targeted, effective care, improve overall health outcomes...

A 4-step plan for denial prevention

Denial prevention is a top priority in today’s revenue cycle. It’s also one area where most organizations fall behind. The good news? The technology and tactics to prevent denials...

Healthcare Industry Predictions 2024 and Beyond

The next five years are all about mastering generative AI — is the healthcare industry ready?