Nearly 90% of healthcare organizations have experienced a data breach in the past two years, and nearly half have had more than five data breaches during that same timeframe, according to a study by the Ponemon Institute. The industry has seen an explosive increase in targeted attacks recently as evidenced by a 320% increase in the number of healthcare providers victimized by hackers in 2016. The list of victims continues to grow, including Anthem, Premera, Excellus Blue Cross/Blue Shield, Tricare, Banner Health, Virginia Department of Health, and UCLA Health.
Not only has the number of attacks increased, but many of them have been devastatingly effective, as evidenced by the 160 million medical records that have been stolen since 2015. The Anthem breach alone, the largest healthcare breach ever recorded, exposed about 80 million individual medical records to its attackers. To put that in context, the number of medical records breached in the Anthem attack is greater than the entire populations of California, Texas, and North Carolina combined. These breaches are coming at a steep price, as they are costing the healthcare industry approximately $6.2 billion per year according to Ponemon.
What is driving this dramatic escalation of attacks against the healthcare sector and who is orchestrating them? These attacks are driven primarily by two types of threat actors that have entirely different motivations:
- Criminal actors breach organizations in the hopes of selling the medical records on the black market, or they attack the availability of healthcare systems and their data, often by launching ransomware-based attacks.
- Nation-state backed actors seek information on individual subjects of interest that could later be used to blackmail or extort those individuals for espionage purposes.
The dramatic rise in successful attacks against healthcare organizations by both criminal and nation-state threat actors illustrates how attractive and susceptible these enterprises are to successful exploitation. Despite these wake-up calls, the healthcare sector as a whole remains extremely vulnerable to cyberattacks.
The attractiveness of medical data and the sector's susceptibility to exploitation have combined to turn many healthcare organizations into the proverbial “sitting ducks” for their predators. The industry is coming to terms with the fact that it is currently the most targeted sector globally, and healthcare executives have been scrambling to respond effectively to these threats.
Cybis is a leading cybersecurity consulting firm providing Agency Grade® solutions to private sector clients. Our team is staffed by former operators from the NSA, CIA, and Department of Defense who bring cross-disciplinary expertise and help clients manage their business’s value at risk. As former offensive cybersecurity operators, we “think like an attacker” to determine where and how our clients are most likely to be targeted, and to craft strategies of defense and resilience to protect the business. Our approach integrates the technical, physical, and human dimensions of security to identify, prioritize, and remediate complex risks and vulnerabilities.