Medical data is gold on the black market: Healthcare industry 200% more likely to suffer data theft

The healthcare industry sees 340 percent more security incidents and attacks than the average industry and, as a result, is more likely to be impacted by data theft, according to Websense Security Labs 2015 Healthcare Drill-Down Report. According to the Raytheon|Websense report, medical information is 10 times more valuable on the black market making healthcare a major target for cybercriminals; and 200 percent more likely to encounter data theft. [caption id=“attachment_1206663” align=“alignleft” width=“300”]  AFP[/caption] “The proliferation of electronic health records creates a data-heavy environment, while networks comprising thousands of providers present an enormous attack surface.” The report that examined the current state of cyber threats and data-stealing attacks against an increasingly digital healthcare industry revealed that healthcare is highly-targeted and increasingly vulnerable as the next wave of connected devices hits an already complex technology environment. In 2014, Websense identified a 600 percent increase in cyber-attacks against hospitals within a 10-month period. As a follow up to this discovery, Raytheon|Websense Security Labs recently examined the real-world attack telemetry against healthcare, uncovering new intelligence about the most prolific and effective cyber-attack tools, techniques and security trends impacting the industry. One in every 600 attacks in the healthcare sector involve advanced malware, highlighted the report. In fact, the healthcare sector is four times more likely to be impacted by advanced malware than any other industry. “With many organisations lacking budget and the administrative, technical or organisational skills necessary to detect, mitigate and prevent cyber-attacks, advanced malware presents a significant threat to healthcare infrastructure.” The healthcare sector is 74 percent more likely to be impacted by phishing schemes.  A lack of effective security awareness training and employee security awareness programmes often compounds the danger of increased phishing attempts, resulting in more security incidents. Healthcare is 4.5 times more likely to be impacted by Cryptowall and three times more likely to be impacted by Dyre. “The rapid digitization of the healthcare industry, when combined with the value of the data at hand, has lead to a massive increase in the number of targeted attacks against the sector,” said Carl Leonard, Raytheon|Websense principal security analyst. “While the finance and retail sectors have long honed their cyber defenses, our research illustrates that healthcare organisations must quickly advance their security posture to meet the challenges inherent in the digital economy – before it becomes the primary source of stolen personal information.”