According to data compiled by IBM X-Force Interactive Security Incidents, just shy of 100,000,000 healthcare records have been compromised by data breaches in 2015. And the vast majority of these breaches were experienced by practices operating in the United States. To make matters worse, the healthcare industry continues to be one of the leading sectors for data breaches. Healthcare data breaches accounted for 8.4 percent of all cybersecurity incidents in 2015 (according to the IBM data).
While a sizable chunk of those who experienced incidents (38.9 percent) chose not to disclose the cause, there was still enough data in the study to identify the top five most frequent cybersecurity threats that resulted in healthcare data breaches in 2015.
(NOTE: In the spirit of full disclosure, #5 through #3 were tied. Each accounted for the same percentage of healthcare data breaches in 2015.)
#5: Malware
Making up 5.6 percent of healthcare data breaches in 2015, we have our old nemesis… Malware. This usually happens when employees are being careless while using the internet on office computers. All it takes is for one staff member to make one click on just one malicious clickbait link or fake advertisement… and that’s all she wrote. The malware downloads and likely isn’t discovered until it’s too late.
#4: SQL injection
SQL injection (or SQLi for short) has been responsible for 5.6 percent of this year’s healthcare data breaches. I don’t want to bore everyone to death with the technical details, so I’ll just keep it simple (this method is actually a bit complicated, since it requires some technical expertise to pull off).
More or less, SQLi refers to the injection of malicious SQL code into an application’s database queries, usually done by exploiting security vulnerabilities in an application or software. Once inside the system, the attackers can pretty much enter code for any number of nefarious purposes. For example, they could inject a command that sends out a dump of the entire database… or they could use it to spoof a staff member’s credentials… or, if they’re feeling particularly nasty, they might decide to alter and/or delete data (a particularly dangerous thing for those in the healthcare industry, since changing healthcare information, such as allergies or blood types, could cause patient fatalities).
SQLi makes it crucial for today’s healthcare organizations to avoid using outdated/unsupported software and to keep their updates and security patches up to date.
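To make the “dump of the entire database” scenario concrete, here is an added example (not part of the original post) showing a lookup built by pasting input into the SQL text next to the same lookup using a bound parameter. The table, the sample records and the function names are all constructed for illustration.

```python
import sqlite3

# Constructed sample records; not real patient data.
SAMPLE_PATIENTS = [
    ("Alice Example", "O+", "penicillin"),
    ("Bob Example", "A-", "none"),
    ("Dana O'Brien", "B+", "latex"),
]

def make_db():
    """Build an in-memory database holding the constructed sample records."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE patients (name TEXT, blood_type TEXT, allergies TEXT)")
    db.executemany("INSERT INTO patients VALUES (?, ?, ?)", SAMPLE_PATIENTS)
    return db

def lookup_vulnerable(db, name):
    # Vulnerable: the input is pasted into the SQL text, so quote characters
    # in it are parsed as part of the query instead of as data.
    query = "SELECT * FROM patients WHERE name = '" + name + "'"
    return db.execute(query).fetchall()

def lookup_safe(db, name):
    # Hardened: the ? placeholder binds the input as a value; it is only ever
    # compared against the name column and never parsed as SQL.
    return db.execute("SELECT * FROM patients WHERE name = ?", (name,)).fetchall()

def run_demo():
    db = make_db()
    crafted = "' OR '1'='1"  # textbook input that makes the WHERE clause always true
    results = {
        "vulnerable_crafted": lookup_vulnerable(db, crafted),  # every record comes back
        "safe_crafted": lookup_safe(db, crafted),              # no patient has that name
        "safe_apostrophe": lookup_safe(db, "Dana O'Brien"),    # legitimate name still works
    }
    try:
        lookup_vulnerable(db, "Dana O'Brien")
        results["vulnerable_apostrophe"] = "ok"
    except sqlite3.OperationalError:
        # The same flaw also breaks on ordinary input that contains a quote.
        results["vulnerable_apostrophe"] = "syntax error"
    return results

if __name__ == "__main__":
    for case, outcome in run_demo().items():
        print(case, "->", outcome)
```

Patching, as recommended above, closes known holes in third-party software; for in-house applications, bound parameters like the one in `lookup_safe` are what remove this class of flaw.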
#3: Misconfigured Networks
This one also makes up 5.6 percent of the 2015 healthcare data breaches. This is a pretty broad category, honestly, as misconfigurations can come in many forms:
- Using default/factory settings (for example, not changing default passwords or keys)
- Using a default account (such as creating a single account that everyone in the office uses, as opposed to everyone having their own individual accounts and credentials)
- Misconfigured (or nonexistent) router security
- Misconfigured MPLS VPNs
#2: Phishing
Phishing has become a serious problem, and comes in second at 16.7 percent of all 2015 healthcare data breaches. This spike is likely due to the increased use of Spear-Phishing by cybercriminals. We have discussed this one in the past on this blog, so I won’t go into a lot of detail here. More or less, phishing is usually done by sending spoofed emails to individuals within an organization. However, instead of using the old spam methods, the attackers create a fairly well-crafted and legit-looking email that increases the likelihood of someone downloading its attachment or clicking the malware link it contains. Spear-phishing is genius in its simplicity… but it’s also a major headache when it comes to cybersecurity because it exploits the one thing that cybersecurity tools are powerless to control—human beings.
Which brings us to numero uno on our list.
#1: Physical Threats
I have stated this many times in various blog articles over the last year or so… and I am going to say it one more time for those who might’ve missed it (just kidding… I’m sure I’ll be repeating it in the future)—the single greatest threat to any network’s security is careless human behavior.
Accounting for a whopping 27.8 percent of all healthcare data breaches in 2015, Physical Threats (in cybersecurity terms) refer to actions taken by human beings that resulted in cyberattacks/data breaches. This broad category can include any number of human-caused cybersecurity threats:
- Password sharing (we discussed this way back in February)
- Data or technology not being properly secured (as Emory Healthcare learned in 2012)
- Lost or stolen mobile devices (smartphones, tablets, etc.)
- Lost or stolen data storage devices (USB drives, backup disks, etc.)
- Disabling of security controls (cookie restrictions, blocked sites, antivirus, etc.)
- File sharing via insecure methods (such as via a personal Google Drive or Dropbox)
- Improper “device retirement” (because you can’t just throw away old technology until you confirm that it has been completely wiped of all sensitive data)
There you have it, folks! These are the Top 5 Worst Healthcare Cyber Threats of the year. As I have mentioned before, 2015 is already considered by many to be the worst year in history when it comes to data breaches.
And don’t forget, there are still a few weeks left in 2015. So the situation could get even worse before the year is out.
After all… If the last 11 months have shown us anything, when it comes to cyber threats, it’s that things can always get worse.