December 23, 2016 By Derek Brink

As IBM X-Force Security Research predicted six months ago, a shift in cybercriminals’ focus from the retail industry led to increased risk in the health care sector in the second half of 2016. Unfortunately, empirical data confirmed just how dramatic these trends have been on a year-over-year basis. Let’s review the state of health care security in 2016.

Top Threats to Health Care Security in 2016

The Privacy Rights Clearinghouse published a chronology of publicly disclosed data breaches, sorted by type of breach, type of organization, number of records compromised and date of disclosure. The following graphic shows that the total number of data breaches in the health care sector ballooned from 81 in 2015 to 283 in 2016.

Drilling down into the type of breaches is also enlightening when reviewing the state of health care security in 2016.

Malicious External

External, malicious incidents, which may involve malware infection or other outside cybercriminal activity, increased from 17 instances in 2015 to 121 in 2016. This category includes ransomware, by far the highest-profile exploit to hit the health care sector in 2016.

Non-Malicious Internal

Sometimes breaches occur as the result of a pure accident. For example, a user with legitimate access might unintentionally disclose sensitive data, mistakenly post sensitive information publicly, or send a confidential email, fax or physical documents to the wrong party. This type of insider threat increased by a factor of nearly five, from 18 in 2015 to 86 in 2016.

Lost or Stolen Devices

This type of breach occurs when devices holding sensitive data are lost, stolen or improperly discarded. Incidents involving this type of breach increased by about 45 percent, from 27 in 2015 to 39 in 2016. Virtually all of these are mobile or portable devices such as smartphones, laptops, memory sticks, hard drives, backup tapes and so on. Most organizations use encryption to address the risk of data breaches on their endpoints.

Physical Loss

Incidents in which paper documents were physically lost, discarded or stolen increased by about 2.7 times, from 12 in 2015 to 32 in 2016. This is a good reminder that the scope of information security actually encompasses data in all forms, electronic or not.

Malicious Internal

There was one bright spot in the year-over-year trends, according to the report. Internal breaches stemming from malicious users with legitimate access, such as employees, contractors, business partners and customers, decreased from 11 in 2014 and seven in 2015 to just five in 2016. While the insider threat is still a serious concern, the data showed that it’s a relatively low-priority issue with regard to data breaches.

Looking Back, Looking Ahead

Why did the cyberthreat landscape shift to the health care sector? Cybercriminals have the motive — since health care data is both valuable and long lasting — and the opportunity. They are able to exploit the common use of legacy systems and devices with weak security, a fragmented workforce that places a high priority on patient care and a low priority on security, and the pressing need for immediate access to patient records. These factors make health care an extremely attractive target.

The prescription for health care security in 2017 and beyond? Recognize the fundamental problem as a business issue, not a technology issue. Understand the risks, decide how much risk is acceptable and invest in a more mature set of capabilities for reducing risk to an acceptable level.
