Healthcare Sector Continues to Battle Ransomware, Insider Attacks

May 8, 2019
Ransomware incidents accounted for over 70 percent of all malware outbreaks in healthcare, according to Verizon’s 2019 report

Verizon has released the 2019 version of its Data Breach Investigations Report, which found that for the second year in a row the healthcare market is the only industry to show a greater number of insider attacks (59 percent) than external (42 percent).

The annual report provides a global view of cyberattacks from malware to insider threats to cyber espionage, and this year’s report analyzes more than 41,000 cybersecurity incidents and over 2,000 data breaches from 86 countries.

 The report notes that with internal actors, “the main problem is that they have already been granted access to your systems in order to do their jobs. Effectively monitoring and flagging unusual and/or inappropriate access to data that is not necessary for valid business use or required for patient care is a matter of real concern for this market. Across all industries, internal actor breaches have been more difficult to detect, more often taking years to detect than do those breaches involving external actors.”

Denial-of-service attacks are infrequent in healthcare, the report notes, but availability issues arise in the form of ransomware. Most ransomware incidents are not defined as breaches in the Verizon study due to their lack of the required confirmation of data loss. But healthcare organizations are required to disclose ransomware attacks as though they were confirmed breaches due to U.S. regulatory requirements. That factor influences the number of ransomware incidents associated with the healthcare sector. Nevertheless, this is the second straight year that ransomware incidents were over 70 percent of all malware outbreaks in the sector.

This year’s report also found that across all sectors the growing trend to share and store information within cloud-based solutions is exposing companies to additional security risks. Verizon analysts found that there was a substantial shift toward compromise of cloud-based email accounts via the use of stolen credentials. In addition, publishing errors in the cloud are increasing year-over-year. Misconfiguration (“Miscellaneous Errors”) led to a number of massive, cloud-based file storage breaches, exposing at least 60 million records analyzed in the Data Breach Investigations Report dataset. This accounts for 21 percent of breaches caused by errors.

Sponsored Recommendations

2024's Healthcare Buyer Journey: New Research and Insights

Join us on April 30th for a webinar unveiling insights from the latest study on the Healthcare IT Buying Journey! Discover evolving challenges, effective health data management...

Improving care with AI-powered solutions

Don't miss our April 23rd webinar delving into the transformative impact of AI-powered solutions on healthcare. Join industry leaders Reid Conant and Dr. Patrick McGill as they...

Shield your health system against cyber threats

You won't want to miss out on this imperative April 4th webinar about how you can protect your healthcare organization. Join us to learn how to fortify your health system against...

Healthcare Trends 2024: Trends & Strategies for Future Success

Explore the future of healthcare in 2024 with insights from the Healthcare Industry Trends Report. Stay ahead of the curve as we delve into the latest industry developments and...