Trend promises to get worse in 2020, according to cybersecurity vendor’s report
Malware attacks against health care organizations have increased sharply over the past year and will likely continue to increase into 2020, according to researchers at cybersecurity firm Malwarebytes.
The Lowdown: The surge of malware attacks – particularly by Trojan malware – against the data-rich health care industry is due to the aging infrastructure and low IT budgets organizations have to contend with and the large amounts of personally identifiable information (PII) that they hold, according to the Malwarebytes Labs report, released this week.
The Details: The Emotet and TrickBot Trojans – the two most dangerous of 2018 and 2019 – were the top threats observed. Malwarebytes found a surge in detections of Emotet in early 2019 that was then followed by an increase in TrickBot detections in the second half of the year.
The key findings in the report include:
> A 60% increase in threat detections at health care organizations during the first three quarters of 2019 when compared with all of last year.
> A 45% increase in health care-facing endpoint detections from the second quarter (14,000) to the third quarter (more than 20,000) of 2019.
> An increase of more than 80% in the detection of Trojans, hijackers, and riskware between the second and third quarters this year.
> The top attack methods over the past year were exploiting vulnerabilities in third-party vendor software; leveraging weak security postures; and using social engineering methods like phishing and spear-phishing e-mails.
> Health care is the seventh-most targeted industry by cyber-criminals this year, with education and manufacturing being the top two.
The Impact: Cyberattacks on health care organizations not only expose patient data but also risk the interruption of critical equipment and the flow of important information, both of which can jeopardize lives. As more technology is introduced into health care facilities, it will become more important for the organizations to improve their security posture, train employees, and put protocols in place in the event of an attack, the report states.
The Buzz: “Health care is vital to our population, industries and economy, which is why it’s an especially concerning industry to see targeted by cybercriminals,” said Adam Kujawa, director of Malwarebytes Labs. “Emotet, TrickBot, exploit, and back-door detections targeting health care organizations are known to drop ransomware payloads later in their attack chains. For too long, these organizations have suffered due to antiquated equipment and underfunded IT departments, making them especially vulnerable. We should be arming health care now with extensive security measures because this pattern suggests that ransomware is looking to penetrate health care organizations from several different angles.”