Story image

Cyber attacks on healthcare companies growing

Healthcare services teams are finding cyber attacks are increasing over time, resulting in a real need for businesses in this sector to further develop their cyber security approach.

The report was released by Carbon Black, a company specialising in cloud endpoint protection, and surveyed CISOs at 20 of the largest healthcare institutions in the world.

More specifically, the report looked at the increase of attacks over the past year, the current state of ransomware, the most significant concerns for security teams, including dark web marketplace listings for healthcare data, and attitudes towards compliance versus security.

A vast majority of CISOs (83%) said they have seen an increase of cyber attacks in the past year. Two thirds (66%) said their organisation was targeted by a ransomware attack during the past year, and the same amount said the attacks in general have become more sophisticated in this time.

Nearly half of respondents (45%) said they encountered attacks where the primary motivation was destruction of data, and one third (33%) said they’ve encountered instances of island hopping on their enterprises over the past year.

In addition, one third (33%) of those surveyed said they’ve encountered counter incident response in the year prior.

Carbon Black head of security strategy and one of the report’s authors, Rick McElroy, says, “The potential, real-world effect cyberattacks can have on healthcare organisations and patients is substantial.”

“Cyber attackers have the ability to access, steal and sell patient information on the dark web. Beyond that, they have the ability to shut down a hospital’s access to critical systems and patient records, making effective patient care virtually impossible,” he says.

The report also includes research detailing healthcare-related offerings on the dark web (including hacked provider data) as well as specific security recommendations for healthcare CISOs.

Carbon Black, previously known as Bit9, is a specialist in endpoint security software to mitigate the impact of malicious behaviour and attacks for organisations of varying sizes. The company utilises big data and cloud platform analytics software to help prevent threats.