According to the Ponemon Institute’s “2016 Cost of Data Breach Study,” a stolen health care record cost the average business $355 in 2016. That’s more than twice the mean cost of $158 across all industries. It’s safe to say, then, that this cost will continue to rise in the health care industry as the threat of ransomware rapidly increases.

In a notable example from 2016, cybercriminals attempted to extort a hospital for $3.6 million. The victimized organization ended up paying a smaller amount, but the incident showed that hospitals are popular targets for ransomware-wielding fraudsters.

IBM Report Reveals Top Health Care Hazards

Insider threats, both malicious and inadvertent, also continue to plague health care organizations. According to IBM Managed Security Services (MSS) data, insiders were responsible for 68 percent of all network attacks targeting health care data in 2016. Almost two-thirds of those attacks originated from unwitting parties who may have fallen victim to phishing scams or misconfigured servers.

Ransomware attacks and insiders aren’t the only threats to the health care sector. Risks can also materialize through indirect events such as third-party electronic health record (EHR) vendor breaches. In 2015, for example, a health care software company revealed that cybercriminals had stolen data belonging to almost 4 million patients.

The new IBM report on the MSS data revealed that 48 percent of attacks use malicious data input to control or disrupt a target system’s behavior. This represents the No. 1 attack vector threatening health care data.

Fortify Your Security Immune System

Despite being under constant pressure to lower the cost of health care to consumers, medical organizations simply cannot afford to risk multimillion dollar losses by shirking cybersecurity. That’s why healthy security is just what the doctor ordered.

Attacks against health care organizations will only multiply as the black market value of medical records packaged into full individual profiles continues to rise in 2017. Now, more than ever, organizations must address the urgent need to transform a point product-based set of security solutions into an integrated security immune system. You can learn more by reading the IBM report “Security Trends in the Health Care Industry.”

Download the report now

more from Advanced Threats

Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program

You may recall my previous blog post about how our X-Force veteran threat hunter Neil Wyler (a.k.a “Grifter”) discovered nation-state attackers exfiltrating unencrypted, personally identifiable information (PII) from a company’s network, unbeknownst to the security team. The post highlighted why threat hunting should be a baseline activity in any environment. Before you can embark on a threat hunting exercise, however,…

World’s Largest Darknet Market Shut Down, $25 Million in Bitcoin Seized

On April 5, German authorities announced the takedown of the Hydra marketplace, the world’s largest darknet market trading in illicit drugs, cyberattack tools, forged documents and stolen data. The criminal operation, with about 17 million customer accounts, raked in billions in bitcoin before getting shut down. On its website, the Federal Criminal Police Office (BKA) stated it had secured and…