The activity concludes an unprecedented year of cybersecurity activity. Imperva data shows the healthcare industry experienced 187 million attacks per month, on average, or roughly 498 attacks per organization each month. That’s a 10% increase year-over-year, and it underscores the growing risk of web application vectors for healthcare organizations -- many of which are still struggling to manage the demands of the on-going global pandemic.
Throughout 2020, cybercriminals used an array of vectors to attack vulnerable healthcare organizations. Facilities operating in the United States, Brazil, United Kingdom and Canada were the top targets of these attacks.
In December, Imperva researchers saw four specific vectors increase significantly in volume of recorded attacks:
Impact is Still Unknown … For Now
While the volume of attacks increased in 2020, reports show that the number of breaches decreased. As someone who has worked in cybersecurity for more than 20 years, this makes no sense. My hypothesis is that many organizations likely don’t know the extent or impact of these attacks yet. The reason being: for most of the year, healthcare was focused on trying to enable remote work while managing the frontline logistics of a global pandemic. Thus, less time was spent on threat research, incident response and incident analysis.
In the New Year, I predict many breaches will come home to roost, a theory I outline in an Imperva webinar. There is also some early evidence to support this prediction. In the just the first three days of 2021, Imperva researchers saw a dramatic 43% increase in data leakage, the unauthorized transmission of data from within an organization to an external destination or recipient, which is often the result of a breach.
As Healthcare IT Transforms, the Threat Landscape Expands
Over the past year, IT transformation across every industry was accelerated to meet the challenges brought on by the global pandemic. In healthcare, the digital agenda sped up at an astonishing pace. By some estimates, what would take 10 years to accomplish will now be done in three years. I’ve even heard of digital initiatives with a timeline of weeks or months!
From expanding telehealth availability, to improving the patient experience through more digital channels, the healthcare industry adopted more cloud-based technologies and applications to achieve these goals. Based on my experience, many healthcare organizations rely on third-party applications anytime they can, instead of writing their own, for the convenience it offers, to reduce IT development risks and costs and to facilitate greater collaboration. While there are sometimes business advantages to third-party applications, the risks include: patching only on the vendor’s timeline, known exploits that are widely publicized and constant zero-day research on widely used third-party tools and APIs.
Defense At the Speed of Automated Attacks
While this latest threat intelligence paints a grim picture, there are actions healthcare organizations can take today to protect themselves.