Third-party attacks make up a quarter of healthcare breaches
New research from Tenable's Security Response Team finds that third-party attacks accounted for over a quarter of breaches disclosed over the past year.
More worrying is that a breach of a single company linked back to 61 healthcare customers. The research reveals the impact of third-party attacks, how hard the healthcare sector has been hit by cyberattacks and just how rampant ransomware has been during Covid-19.
Analysis of 293 breaches in the healthcare sector which were publicly disclosed between January 2020 and February 2021 shows records were confirmed to have been exposed in nearly 93 percent. Of the 293 breaches known to have exposed records in the 14-month period analyzed, 57.34 percent of the affected organizations publicly disclosed how many records were exposed. The number of records exposed totaled nearly 106 million with 76.45 percent of these disclosed in 2020.
Ransomware is by far the most prominent root cause of healthcare breaches, accounting for a 54.95 percent. Other leading causes include email compromise/phishing (21.16 percent), insider threats (7.17 percent) and unsecured databases (3.75 percent).
The growth in telehealth usage has also led to a widening of the attack surface, with an increase in telehealth IPs flagged as malicious, issues in insecure protocols and an uptick in vulnerabilities in telehealth being exploited to raise flags.
"As the ongoing COVID-19 pandemic continues to place unprecedented strain on global healthcare infrastructure, attackers are finding what was already an attractive target even more enticing," says Tenable's security response manager Rody Quinlan, writing on the company's blog. "This unfortunate scenario has greatly expanded the attack surface for these malicious parties with the introduction of greater demand for remote services like telehealth, COVID-19 contact tracing app data, demand from medical manufacturing companies, and a race for medical research facilities to find a cure."
You can find out more on the Tenable blog.
Image credit: scanrail/depositphotos.com