Healthcare needs to start worrying about its IT vulnerability

20 September 2016
First some general data on the Gemalto report. Data breaches increased 15 percent in the first six months of 2016 compared to the last six months of 2015, the report states. Worldwide, there were 974 reported data breaches and more than 554 million compromised data records in H1, compared to 844 data breaches and 424 million compromised data records in the previous six months.

 52 percent of the data breaches in the first half did not disclose the number of compromised records at the time they were reported, so the number of compromised data records could be signifficantly higher. Over  4.8 billion data records have been exposed since 2013 when a Gemalto index began benchmarking publicly disclosed data breaches.

Identity theft has now been the number one type of data breach since 2013, when the Breach Level Index first began tracking these incidents. And it continues to represent a growing number of the total breaches. Comparing H1 2016 to the same period last year, identity theft breaches have increased in prevalence by 38%.Identity theft accounted for 64% of all data breaches in H1 2016 – that’s a total of 621 incidents and theft of more than 294 million data records (53% of all records lost/stolen).

Malicious outsiders were the leading source of data breaches, accounting for 69 percent of breaches, up from 56 percent in the previous six months. In terms of top three geographic regions for reported data breaches, 79 percent were in North America, 9 percent were in Europe, and 8 percent were in Asia-Pacific.

Closer look at health care

Now lets take a closer look at the health care sector.  While Government took home the un-coveted trophy for most data records lost/stolen,Gemalto writes in a blog, the healthcare industry experienced the most data breaches overall in H1 2016 – 263 incidents, which adds up to 27% of all breach incidents. While the government sector lost large the most data per breach, healthcare organizations experienced the most breaches, but accounted for only 5% of total data records compromised (30,017,528).

Why would healthcare account for the majority of breaches, but not the number of data records stolen? Gemalto isn’t really sure. A theory – and it is just that at this point– is that there are many healthcare organizations being breached possess relatively smaller amounts of information per database for hackers to steal.

Whereas we saw 150 million records compromised due to a single breach of a U.S. voter database, the top healthcare data breach in H1 2016 – in terms of records stolen – accounted for the loss of “only” 10 million records. That particular incident involved a member of the hacktivist group Anonymous breaching the servers of Turkish hospitals and stealing patients’ medical data as well as staff records in retaliation for cyberattacks on U.S. hospitals believed to be perpetrated by Turkish hackers.

While tens of millions of compromised records is certainly better than hundreds of millions, no organization or industry wants to endure either. It’s also important to note that the 263 healthcare breaches in H1 2016 already equals 70% of the total healthcare breaches that occurred in all of 2015 – meaning the industry is currently on track to experience more breaches year-over-year. Not a good sign.

Ransomware, a growing impact

Earlier in September Intel Security released another report stating the health sector has become an attractive segment for hackers.   Ransomware is a growing threat to the healthcare industry, according to the latest McAfee Labs Cyber Threat report. Following a rash of targeted ransomware attacks upon hospitals in early 2016, Intel Security investigated the attacks, the ransomware networks behind them, and the payment structures enabling cybercriminals to monetize their malicious activity.

The researchers identified nearly $100,000 in payments from hospital ransomware victims to specific bitcoin accounts. While healthcare is still clearly a small proportion of the overall ransomware ‘business,’ McAfee Labs expects a growing number of new industry sectors to be targeted by the extensive networks launching such attacks.

The research team attributes the increased focus on hospitals to such organizations’ reliance on legacy IT systems, medical devices with weak or no security, third-party services that may be common across multiple organizations and the need for hospitals to have immediate access to information to deliver the best possible patient care.

“As targets, hospitals represent an attractive combination of relatively weak data security, complex environments and the urgent need for access to data sources, sometimes in life or death situations,” said Vincent Weafer, vice president for Intel Security’s McAfee Labs. “The new revelations around the scale of ransomware networks and the emerging focus on hospitals remind us that the cybercrime economy has the capacity and motivation to exploit new industry sectors.