Sign up for our newsletter
Technology / Cybersecurity

Growing phishing & ransomware success hits healthcare

Phishing attacks and ransomware are being used to plunder organisations, while health care proves  to be among the very weakest, as one in eight consumers in England have had personal medical information stolen.

A report has found that 73 percent of malware that breaches organisations gains entry by being carried in via phishing attacks, having gained a new level of formidability in recent times on the back of the ability of hackers to profile a target.

Recent news of a dangerous form of Gmail phishing attack was found to even be catching tech savvy users off guard, as hackers are using social media for example to easily profile a victim before launching an attack.

Another form of attack that has been circulating for a long time but has become very potent recently through digitisation is ransomware.  The report also found that 77 percent of all detected ransomware was in four industries, 28 percent in government, and a very significant 19 percent in health care.

White papers from our partners

READ MORE: Cyber security chiefs warn of IoT ransomware rise

These results were gathered and compiled in the 2017 Global Threat Intelligence Report from NTTSecurity. Relevant to the results of this report are those of the survey carried out by Accenture, The Impact of Healthcare Cybersecurity on English Consumers.

The statistic on the weakness of health care cyber security in the NTT Security report that 19 percent of detected ransomware was found in the industry is highly pertinent to the findings of the Accenture report.

The Accenture report presents findings that one in eight consumers in England (13 percent) have had personal medical information stolen from technology systems. Statistics gathered by the survey also detail the places that receive the largest percentages of the cyber-attacks breaching the health care industry.

Pharmacies were noted as the location most affected by breaches, accounting for 35 percent, while hospitals and urgent care clinics follow with 29 and 21 percent respectively.

Steven Bullitt, Vice President Threat Intelligence & Incident Response, GTIC, NTT Security, said: “The GTIR is the most comprehensive report of its kind, based on analysis of trillions of security logs over the past year. We identified more than six billion attempted attacks over the 12-month period – that’s around 16 million attacks a day – and monitored threat actors using nearly every type of attack.”

The massive scale of attacks and the variety in malicious methodology is further testament to the requirement of automation and machine learning on the front lines of cyber defence.

Tony Pepper, the co-founder and CEO of Egress said: “Healthcare organisations need to seriously consider what they are doing to protect patients’ data and whether their practices are suitable for the technology-driven world they now operate in. There needs to be a concerted effort now to drive forward a move to digital to prevent the issue of paper records going missing – which happens all too frequently – while at the same time ensuring robust digital defences are in place.”
This article is from the CBROnline archive: some formatting and images may not be present.