The health care industry is being targeted by cyberthreats at an increasingly alarming rate. Once outpaced significantly in terms of breaches and malicious attacks by other sectors such as financial and retail, health care is no longer on the sidelines. Bringing them front and center are five of the eight largest security breaches that have affected this industry in the last five years. According to IBM X-Force Interactive Security Incidents data from Jan. 1, 2015 to Oct. 31, 2015, all five occurred in the first half of 2015, with almost 100,000,000 health care records compromised.

The Crown Jewel of the Health Care Industry: PHI

Why has the health care industry become a popular target? The answer is in the data. Health care’s crown jewel, protected health information (PHI), has an excellent resale value on the black market. The Health Insurance Portability and Accountability Act (HIPAA) introduced PHI as a term to represent an individual’s medical records and health information. Another frequently used term in the health care arena is electronic health record (EHR), which is a record containing PHI. In addition to medical information, EHRs could also contain email addresses, Social Security numbers, and banking and employment information.

Consequences of compromised PHI are multilayered. Aside from the significant costs to the breached health care organization, the customers of the targeted company face a plethora of potential hardships and costs. This significant cost to the individual victim translates to damaged reputation for the targeted health institution. According to the Ponemon Institute’s “2015 Cost of Data Breach Study,” health and pharmaceutical companies experience higher customer churn following a data breach over other industries in similar predicaments.

Read the complete research report: Security trends in the healthcare industry



IBM MSS Data Reveals Health Care’s Achilles’ Heel

IBM Managed Security Services continuously monitors billions of events per year, as reported by more than 8,000 client devices in over 100 countries. Analysis of data collected from Jan. 1, 2014 through Oct. 31, 2015 reveals some interesting finds regarding the types of attacks targeting the health care industry.

Malicious Documents and Sites

Getting a victim to open a malicious document or to click on a link that leads to a malicious site are proving to be successful attack methods against the health care industry, with delivery of a malicious document appearing to be preferred over a malicious link.


A threat game changer for 2014, Shellshock is well-documented in the IBM 2015 Cyber Security Intelligence Index. This malware-less attack vector that takes advantage of a vulnerability in the GNU Bash shell remains a significant and persistent threat.

Brute-Force Attacks

Attackers use an automated, repetitive method of trial and error to crack an individual’s username and password to gain access to administrator accounts or applications that store data on a Web application or Web-facing server. Once in, attackers can inject malware that can potentially get them further into the target health care organization’s network.

Older and Nonsanctioned Applications

Hospital organizations running earlier versions of Internet Explorer run the risk of an attacker using VBScript to execute arbitrary code on a vulnerable system. IBM MSS found that many health care company employees utilize a number of applications that may or may not be officially sanctioned by the organization, making it difficult to bring those systems into the security fold — and presenting an attacker with an additional attack vector.

Make Cybersecurity a Business Priority

One of the major challenges that health care faces is being able to address cyber risk in order to direct information technology investment and resources, especially as organizations address security of the data and technologies. Health care organizations are feeling this more acutely than most sectors due to the sensitivity, volume and velocity of the data in transit and traveling through their networks.

Cybercriminals see this as a rich environment for stealing data. The ability of attackers to do harm that is of immediate consequence, physically or financially, speaks volumes of the need for the health care industry to address issues and focus investments quickly.

Daunting as these security challenges may seem, health care organizations that are making a concerted effort to put cybersecurity at the forefront of their priorities are in a strong position to prevent compromise. Complying with the many regulatory health care requirements is a good start, but it’s not enough to thwart today’s attacks and keep organizations out of the breach spotlight. More has to be done to strengthen the overall security posture across all health care entities, from hospitals to smaller practices and device manufacturers, to ensure the protection of PHI. The only way to do this is to make cybersecurity a business priority.

Read the IBM X-Force research report: Security trends in the healthcare industry

More from Data Protection

Heads Up CEO! Cyber Risk Influences Company Credit Ratings

4 min read - More than ever, cybersecurity strategy is a core part of business strategy. For example, a company’s cyber risk can directly impact its credit rating. Credit rating agencies continuously strive to gain a better understanding of the risks that companies face. Today, those agencies increasingly incorporate cybersecurity into their credit assessments. This allows agencies to evaluate a company’s capacity to repay borrowed funds by factoring in the risk of cyberattacks. Getting Hacked Impacts Credit Scoring As per the Wall Street Journal…

4 min read

IBM Security Guardium Ranked as a Leader in the Data Security Platforms Market

3 min read - KuppingerCole named IBM Security Guardium as an overall leader in their Leadership Compass on Data Security Platforms. IBM was ranked as a leader in all three major categories: Product, Innovation, and Market. With this in mind, let’s examine how KuppingerCole measures today’s solutions and why it’s important for you to have a data security platform that you trust. The Transformation of the Data Security Industry As digital transformation continues to expand, the impact it has had on enterprises is very apparent when…

3 min read

SaaS vs. On-Prem Data Security: Which is Right for You?

2 min read - As businesses increasingly rely on digital data storage and communication, the need for effective data security solutions has become apparent. These solutions can help prevent unauthorized access to sensitive data, detect and respond to security threats and ensure compliance with relevant regulations and standards. However, not all data security solutions are created equal. Are you choosing the right solution for your organization? That answer depends on various factors, such as your industry, size and specific security needs. SaaS vs. On-Premises…

2 min read

Understanding the Backdoor Debate in Cybersecurity

3 min read - The debate over whether backdoor encryption should be implemented to aid law enforcement has been contentious for years. On one side of the fence, the proponents of backdoors argue that they could provide valuable intelligence and help law enforcement investigate criminals or prevent terrorist attacks. On the other side, opponents contend they would weaken overall security and create opportunities for malicious actors to exploit. So which side of the argument is correct? As with most debates, the answer isn't so…

3 min read