Verizon has released the 2019 version of its Data Breach Investigations Report, which found that for the second year in a row the healthcare market is the only industry to show a greater number of insider attacks (59 percent) than external (42 percent).
The annual report provides a global view of cyberattacks from malware to insider threats to cyber espionage, and this year’s report analyzes more than 41,000 cybersecurity incidents and over 2,000 data breaches from 86 countries.
The report notes that with internal actors, “the main problem is that they have already been granted access to your systems in order to do their jobs. Effectively monitoring and flagging unusual and/or inappropriate access to data that is not necessary for valid business use or required for patient care is a matter of real concern for this market. Across all industries, internal actor breaches have been more difficult to detect, more often taking years to detect than do those breaches involving external actors.”
Denial-of-service attacks are infrequent in healthcare, the report notes, but availability issues arise in the form of ransomware. Most ransomware incidents are not defined as breaches in the Verizon study due to their lack of the required confirmation of data loss. But healthcare organizations are required to disclose ransomware attacks as though they were confirmed breaches due to U.S. regulatory requirements. That factor influences the number of ransomware incidents associated with the healthcare sector. Nevertheless, this is the second straight year that ransomware incidents were over 70 percent of all malware outbreaks in the sector.
This year’s report also found that across all sectors the growing trend to share and store information within cloud-based solutions is exposing companies to additional security risks. Verizon analysts found that there was a substantial shift toward compromise of cloud-based email accounts via the use of stolen credentials. In addition, publishing errors in the cloud are increasing year-over-year. Misconfiguration (“Miscellaneous Errors”) led to a number of massive, cloud-based file storage breaches, exposing at least 60 million records analyzed in the Data Breach Investigations Report dataset. This accounts for 21 percent of breaches caused by errors.