View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Growing phishing & ransomware success hits healthcare

Healthcare is continuing to show major cyber security frailties.

By Tom Ball

Phishing attacks and ransomware are being used to plunder organisations, while health care proves  to be among the very weakest, as one in eight consumers in England have had personal medical information stolen.

A report has found that 73 percent of malware that breaches organisations gains entry by being carried in via phishing attacks, having gained a new level of formidability in recent times on the back of the ability of hackers to profile a target.

Recent news of a dangerous form of Gmail phishing attack was found to even be catching tech savvy users off guard, as hackers are using social media for example to easily profile a victim before launching an attack.

Another form of attack that has been circulating for a long time but has become very potent recently through digitisation is ransomware.  The report also found that 77 percent of all detected ransomware was in four industries, 28 percent in government, and a very significant 19 percent in health care.

READ MORE: Cyber security chiefs warn of IoT ransomware rise

These results were gathered and compiled in the 2017 Global Threat Intelligence Report from NTTSecurity. Relevant to the results of this report are those of the survey carried out by Accenture, The Impact of Healthcare Cybersecurity on English Consumers.

The statistic on the weakness of health care cyber security in the NTT Security report that 19 percent of detected ransomware was found in the industry is highly pertinent to the findings of the Accenture report.

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?

The Accenture report presents findings that one in eight consumers in England (13 percent) have had personal medical information stolen from technology systems. Statistics gathered by the survey also detail the places that receive the largest percentages of the cyber-attacks breaching the health care industry.

Pharmacies were noted as the location most affected by breaches, accounting for 35 percent, while hospitals and urgent care clinics follow with 29 and 21 percent respectively.

Steven Bullitt, Vice President Threat Intelligence & Incident Response, GTIC, NTT Security, said: “The GTIR is the most comprehensive report of its kind, based on analysis of trillions of security logs over the past year. We identified more than six billion attempted attacks over the 12-month period – that’s around 16 million attacks a day – and monitored threat actors using nearly every type of attack.”

The massive scale of attacks and the variety in malicious methodology is further testament to the requirement of automation and machine learning on the front lines of cyber defence.

Tony Pepper, the co-founder and CEO of Egress said: “Healthcare organisations need to seriously consider what they are doing to protect patients’ data and whether their practices are suitable for the technology-driven world they now operate in. There needs to be a concerted effort now to drive forward a move to digital to prevent the issue of paper records going missing – which happens all too frequently – while at the same time ensuring robust digital defences are in place.”

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.