Cybercriminals step up attacks on the healthcare sector
Threat detections at healthcare organizations rose 60 percent when comparing all of 2018 against just the first three quarters of 2019, according to a new report from Malwarebytes.
The industry has been overwhelmingly targeted by Trojan malware during the last year, with attacks increasing by 82 percent in Q3 2019 over the previous quarter. The two most dangerous Trojans of 2018–2019 for all industries, Emotet and TrickBot, were the two main culprits.
"Healthcare is vital to our population, industries and economy, which is why it's an especially concerning industry to see targeted by cybercriminals," says Adam Kujawa, director of Malwarebytes Labs. "Emotet, TrickBot, exploit, and backdoor detections targeting healthcare organizations are known to drop ransomware payloads later in their attack chains. For too long, these organizations have suffered due to antiquated equipment and underfunded IT departments, making them especially vulnerable. We should be arming healthcare now with extensive security measures because this pattern suggests that ransomware is looking to penetrate healthcare organizations from several different angles."
Healthcare is currently the seventh-most targeted industry by cybercriminals according to Malwarebytes data, with education and manufacturing taking the top two spots in 2019.
The most common attack methods are exploiting vulnerabilities in third-party vendor software, such as medical management apps or custom software for hospitals and medical practices; using social engineering methods, such as phishing and spear phishing, to deliver malicious attachments and links; and taking advantage of weak security postures due to staff negligence, user error and poor patching cadences.
"People wander in and out of these organisations, their buildings or whatever, connecting to their systems, you've got folks who are utilising all kinds of technology in the course of their work and so it just sets it all up to be a very easy target for criminals, and that's a huge issue," Kujawa adds.
On a regional basis in the US, the West's healthcare institutions have been most targeted by malware, with 42 percent of Malwarebytes' total US detections. The Midwest is close behind at 36 percent. The South and Northeast have fewer detections at 15 and seven percent, respectively.
The full report is available from the Malwarebytes site.