In my previous post, I reviewed the primary compliance regulations that healthcare organizations around the world are subject to, all of which are intended to improve data protection in healthcare. But as I noted, the number of healthcare firms suffering data breaches is still growing, despite these regulations. Today, I’ll tackle the question of why this is happening.
One factor is clearly that attackers are constantly upping their game. Phishing attacks have become so much more convincing and targeted that we now have subcategories like spear phishing and whaling, techniques designed to ensnare particular people, especially “big fish” who can access confidential data or transfer funds. Using information readily available on social networking services like LinkedIn and Facebook, cybercriminals can now piece together connections between people and craft a very believable message that gets the victim to click a malicious link or open an infected document. For example, an email might replicate the writing style and tone of a company’s CEO, getting the CFO to make a confidential transfer of funds to a specified bank account in light of a new venture or acquisition.
Attackers are also designing increasingly sophisticated malware, including ransomware, and inventing more effective ways to deliver it. For example, we now have drive-by downloads from malicious websites that can exploit known vulnerabilities in out-of-date applications and unpatched operating systems. Advertisements on websites and within applications can be altered to carry a malicious payload; since the user is visiting a known website or using a trusted application, they’re more likely to click on the ad. Free downloads of normally expensive software are also modified to include malicious components, or they merely masquerade as that software, tricking the victim into releasing the malware inside. Perhaps most alarmingly, ransomware is now even available “as a service,” with the proceeds split between the attacker and the ransomware developer.
However, these advanced techniques are being used against organizations across all industries around the world; what makes the healthcare sector particularly vulnerable? There are a number of factors:
These factors can leave healthcare organizations extremely vulnerable to both outside attackers and malicious insiders, as well as careless mistakes that can be just as damaging and costly. In my next post, I’ll explore the multiple ways that data breaches and ransomware infections can impact healthcare firms and their patients.
In the meantime, be sure to read our white paper, “Protecting Data in the Healthcare Industry,” to learn more about: