Advanced endpoint protection and remediation solution specialist Malwarebytes has announced the results of its latest Cyber Crime Tactics and Techniques (CTNT) report entitled ‘CTNT Q3 2019: The State of Healthcare Cyber Security’. The company observed a 60% increase in threat detections at healthcare organisations by comparing all of 2018 against just the first three-quarters of 2019, demonstrating significant growth and a reason for increased concern about healthcare security as we head towards 2020.
According to Malwarebytes’ product telemetry, the healthcare industry has been overwhelmingly targeted by Trojan malware during the last year, which increased by 82% in Q3 2019 over the previous quarter. The two most dangerous Trojans of 2018-2019 for all industries, Emotet and TrickBot, were the two primary culprits.
Emotet detections surged at the beginning of 2019, followed by a wave of TrickBot detections in the second half of the year, becoming the Number One threat to healthcare. Due to ageing infrastructure, low IT budgets and a wealth of personally identifiable information, healthcare institutions are becoming prime targets for cyber criminals.
“Healthcare is vital to our population, industries and economy, which is why it’s an especially concerning industry to see targeted by cyber criminals,” said Adam Kujawa, director of the Malwarebytes Labs. “Emotet, TrickBot, exploit and backdoor detections targeting healthcare organisations are known to drop ransomware payloads later in their attack chains. For too long, these organisations have suffered due to antiquated equipment and underfunded IT Departments, in turn making them especially vulnerable. We should be arming healthcare now with extensive security measures because this pattern suggests that ransomware is looking to infiltrate such organisations from several different angles.”
Key findings from the report
Key findings from the report include the following:
*There was a 60% increase in threat detections at healthcare organisations in the first three-quarters of 2019 when compared to all of 2018
*Healthcare is currently the seventh most targeted industry by cyber criminals according to the Malwarebytes data (education and manufacturing take the top two spots in 2019)
*Endpoint detections have grown 45% from 14,000 healthcare-facing endpoint detections in Q2 2019 to more than 20,000 in Q3
*Trojans, hijackers and riskware each surged by over 80% from Q2 2019 to Q3
*The top attack methods for healthcare networks in the last year were exploiting vulnerabilities in third party vendor software (such as medical management apps or custom software for hospitals and medical practices), taking advantage of weak security postures due to staff negligence, user error and poor patching cadences and using social engineering methods, such as phishing and spear phishing.
Daunting consequences of an attack
The report also details that the consequences of a cyber security breach in healthcare can be especially daunting. Patient data can be exposed and, worse still, lives placed in jeopardy as critical equipment and information may hang in the balance during an attack.
For this reason, it’s especially crucial that healthcare institutions work to upgrade their security posture, train and retrain employees and establish and practice protocols in the event of an attack.
As new technologial innovations are introduced in the healthcare sector, so it will become increasingly important to consider security in product or platform design rather than trying to add it as an afterthought.
*For copies of the full report visit: https://resources.malwarebytes.com/files/2019/11/191028-MWB-CTNT_2019_Healthcare_FINAL.pdf