Garrett O’Hara is the Chief Field Technologist, APAC at Mimecast, having joined in 2015 with the opening of the Sydney office, where he led the growth and development of the local team. With over 20 years of experience across development, UI/UX, technology communication, training development and mentoring, Garrett now works to help organisations understand and manage their cyber resilience strategies and is a regular industry commentator on the cyber security landscape, data assurance approaches and business continuity.
Here's why this industry is now a top attack target.
In general, cybercriminals will target the most vulnerable organisations that can provide the biggest payoff. In the early days of internet-based computing, this meant that the finance industry was most vulnerable to attacks.
However, it turns out a different industry has been far more lucrative in recent years. The irony is that this industry, itself highly vulnerable to cyberattacks, helps people who are at their most vulnerable, when they are hurt or sick. It is, of course, the healthcare industry.
Healthcare is a Target-Rich Environment for Cybercriminals
It turns out that the healthcare industry has ranked highest in costs associated with data breaches for almost a decade. The numbers speak for themselves.
The Ponemon Institute reported in its 2018 Cost of a Data Breach Study, “for the 8th year in a row, Healthcare organisations had the highest costs associated with data breaches – costing them US$408 per lost or stolen record – nearly three times higher than the cross-industry average (US$148).”
2018 Global Healthcare Breaches
The US-based website Healthcare IT News reported that healthcare continues to be a lucrative target for hackers with “weaponised ransomware, misconfigured cloud storage buckets and phishing emails dominating the year. In 2018, these threats will continue, and cybercriminals will likely get more creative despite better awareness among healthcare organisations at the executive level for the funding needed to protect themselves.”
The website also reports on major breaches specifically impacting the healthcare market around the world, including:
Hackers breach 5 million Singapore patient records, including the prime minister's
3 phishing hacks breach 20,000 Catawba Valley patient records
CMS responds to data breach affecting 75,000 in federal ACA portal
Two phishing attacks on Minnesota DHS breach 21,000 patient records
Ransomware attack on fetal diagnostic lab breaches 40,800 patient records
Phishing attack breaches 38,000 patient records at Legacy Health
417,000 Augusta University Health patient records breached nearly one year ago
4 million patient records breached in UnityPoint Health phishing attack
Ransomware attack on Cass Regional shuts down EHR
LifeBridge Health reveals breach that compromised health data of 500,000 patients
Here in Australia...
According to the Office of the Australian Information Commissioner (OAIC), from April 2018 to March 2019 there were 206 notifiable data breaches in the health sector - with 11 of those affecting more than 100 individuals.
Of the 58 breaches in January-March 2019, 52% were down to human error, 45% were due to malicious attacks and 3% resulted from system errors. Notably, breaches in the health sector greatly outnumbered those in the other four ‘top hit’ Australian industries: Finance & Superannuation scored half as many (27 breaches) in the quarter, Legal, Accounting & Management 23 breaches, Education 11 and Retail just three.
Cybersecurity Prevention is Better than Cure, er... Remediation!
When you are truly ready for a cyber threat ‘prevention’ system instead of remediating damage (if and when you can find it) after the fact, then a solution that delivers a deep inspection and analysis methodology is the only way to go. It must be capable of interpreting and detecting malicious code in real time, and of immediately blocking threats from penetrating your defences. This solution should also be evasion-proof and even prevent zero-day attacks.