Healthcare Sector Continues to Battle Ransomware, Insider Attacks

May 8, 2019
Ransomware incidents accounted for over 70 percent of all malware outbreaks in healthcare, according to Verizon’s 2019 report

Verizon has released the 2019 version of its Data Breach Investigations Report, which found that for the second year in a row the healthcare market is the only industry to show a greater number of insider attacks (59 percent) than external (42 percent).

The annual report provides a global view of cyberattacks from malware to insider threats to cyber espionage, and this year’s report analyzes more than 41,000 cybersecurity incidents and over 2,000 data breaches from 86 countries.

 The report notes that with internal actors, “the main problem is that they have already been granted access to your systems in order to do their jobs. Effectively monitoring and flagging unusual and/or inappropriate access to data that is not necessary for valid business use or required for patient care is a matter of real concern for this market. Across all industries, internal actor breaches have been more difficult to detect, more often taking years to detect than do those breaches involving external actors.”

Denial-of-service attacks are infrequent in healthcare, the report notes, but availability issues arise in the form of ransomware. Most ransomware incidents are not defined as breaches in the Verizon study due to their lack of the required confirmation of data loss. But healthcare organizations are required to disclose ransomware attacks as though they were confirmed breaches due to U.S. regulatory requirements. That factor influences the number of ransomware incidents associated with the healthcare sector. Nevertheless, this is the second straight year that ransomware incidents were over 70 percent of all malware outbreaks in the sector.

This year’s report also found that across all sectors the growing trend to share and store information within cloud-based solutions is exposing companies to additional security risks. Verizon analysts found that there was a substantial shift toward compromise of cloud-based email accounts via the use of stolen credentials. In addition, publishing errors in the cloud are increasing year-over-year. Misconfiguration (“Miscellaneous Errors”) led to a number of massive, cloud-based file storage breaches, exposing at least 60 million records analyzed in the Data Breach Investigations Report dataset. This accounts for 21 percent of breaches caused by errors.

Sponsored Recommendations

Improving Workplace Safety and Patient Care in Behavioral Health

In 2023, Vail Health enhanced safety in their behavioral health clinic, but the impact went beyond their expectations. Read their case study to see how prioritizing workplace ...

Transforming Hospital Capacity Through Smarter Patient Progression Strategies

Helping patients move seamlessly through every stage of their care, from admission to discharge, is critical to ensuring patient safety, improving outcomes, and optimizing capacity...

Beyond the AI Buzz: How Clinicians Can Leverage AI for Value-Based Success

Watch on-demand to explore the impact of implementing AI in primary care settings to reduce burnout and thrive in value-based care. Including practical takeaways on driving clinician...

Building the Connected Hospital: Bridging Operational Gaps Through Technology

Join industry leaders to explore how advanced technologies like RFID, AI, EMR, and ERP systems are transforming hospitals into connected ecosystems that enhance efficiency, streamline...