Light Dark
January 31, 2017 By Michelle Alvarez 2 min read
Healthcare
Advanced Threats
X-Force

According to the Ponemon Institute’s “2016 Cost of Data Breach Study,” a stolen health care record cost the average business $355 in 2016. That’s more than twice the mean cost of $158 across all industries. It’s safe to say, then, that this cost will continue to rise in the health care industry as the threat of ransomware rapidly increases.

In a notable example from 2016, cybercriminals attempted to extort a hospital for $3.6 million. The victimized organization ended up paying a smaller amount, but the incident showed that hospitals are popular targets for ransomware-wielding fraudsters.

IBM Report Reveals Top Health Care Hazards

Insider threats, both malicious and inadvertent, also continue to plague health care organizations. According to IBM Managed Security Services (MSS) data, insiders were responsible for 68 percent of all network attacks targeting health care data in 2016. Almost two-thirds of those attacks originated from unwitting parties who may have fallen victim to phishing scams or misconfigured servers.

Ransomware attacks and insiders aren’t the only threats to the health care sector. Risks can also materialize through indirect events such as third-party electronic health record (EHR) vendor breaches. In 2015, for example, a health care software company revealed that cybercriminals had stolen data belonging to almost 4 million patients.

The new IBM report on the MSS data revealed that 48 percent of attacks use malicious data input to control or disrupt a target system’s behavior. This represents the No. 1 attack vector threatening health care data.

Fortify Your Security Immune System

Despite being under constant pressure to lower the cost of health care to consumers, medical organizations simply cannot afford to risk multimillion dollar losses by shirking cybersecurity. That’s why healthy security is just what the doctor ordered.

Attacks against health care organizations will only multiply as the black market value of medical records packaged into full individual profiles continues to rise in 2017. Now, more than ever, organizations must address the urgent need to transform a point product-based set of security solutions into an integrated security immune system. You can learn more by reading the IBM report “Security Trends in the Health Care Industry.”

Download the report now

 |  |  |  |  |  | 
Michelle Alvarez
Manager, X-Force Strategic Threat Analysis, IBM

More from Healthcare
October 29, 2024

Why safeguarding sensitive data is so crucial

4 min read - A data breach at virtual medical provider Confidant Health lays bare the vast difference between personally identifiable information (PII) on the one hand and sensitive data on the other.The story began when security researcher Jeremiah Fowler discovered an unsecured database containing 5.3 terabytes of exposed data linked to Confidant Health. The company provides addiction recovery help and mental health treatment in Connecticut, Florida, Texas and other states.The breach, first reported by WIRED, involved PII, such as patient names and addresses,…

September 26, 2024

Ransomware on the rise: Healthcare industry attack trends 2024

4 min read - According to the IBM Cost of a Data Breach Report 2024, the global average cost of a data breach reached $4.88 million this year, a 10% increase over 2023.For the healthcare industry, the report offers both good and bad news. The good news is that average data breach costs fell by 10.6% this year. The bad news is that for the 14th year in a row, healthcare tops the list with the most expensive breach recoveries, coming in at $9.77…

September 18, 2024

Cybersecurity risks in healthcare are an ongoing crisis

4 min read - While healthcare providers have been implementing technical, administrative and physical safeguards related to patient information, they have not been as diligent in securing their medical devices. These devices are critical to patient care and can leave hospitals at risk for cyberattacks, causing major disruptions to patient care. In fact, 88 million individuals were affected by large breaches, compromising vast amounts of electronic protected health information (ePHI) last year according to the U.S. Department of Health & Human Services. This year,…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature