According to the Ponemon Institute’s “2016 Cost of Data Breach Study,” a stolen health care record cost the average business $355 in 2016. That’s more than twice the mean cost of $158 across all industries. It’s safe to say, then, that this cost will continue to rise in the health care industry as the threat of ransomware rapidly increases.

In a notable example from 2016, cybercriminals attempted to extort a hospital for $3.6 million. The victimized organization ended up paying a smaller amount, but the incident showed that hospitals are popular targets for ransomware-wielding fraudsters.

IBM Report Reveals Top Health Care Hazards

Insider threats, both malicious and inadvertent, also continue to plague health care organizations. According to IBM Managed Security Services (MSS) data, insiders were responsible for 68 percent of all network attacks targeting health care data in 2016. Almost two-thirds of those attacks originated from unwitting parties who may have fallen victim to phishing scams or misconfigured servers.

Ransomware attacks and insiders aren’t the only threats to the health care sector. Risks can also materialize through indirect events such as third-party electronic health record (EHR) vendor breaches. In 2015, for example, a health care software company revealed that cybercriminals had stolen data belonging to almost 4 million patients.

The new IBM report on the MSS data revealed that 48 percent of attacks use malicious data input to control or disrupt a target system’s behavior. This represents the No. 1 attack vector threatening health care data.

Fortify Your Security Immune System

Despite being under constant pressure to lower the cost of health care to consumers, medical organizations simply cannot afford to risk multimillion-dollar losses by shirking cybersecurity. That’s why healthy security is just what the doctor ordered.

Attacks against health care organizations will only multiply as the black market value of medical records packaged into full individual profiles continues to rise in 2017. Now, more than ever, organizations must address the urgent need to transform a point product-based set of security solutions into an integrated security immune system. You can learn more by reading the IBM report “Security Trends in the Health Care Industry.”
