TMCnet News

2017 US Healthcare Breaches Involving Ransomware Increased 89% Year-Over-Year
[January 05, 2018]

2017 US Healthcare Breaches Involving Ransomware Increased 89% Year-Over-Year


Cryptonite, a leader in moving target cyber defense, today announced the availability of its "2017 Health Care Cyber Research Report," which shares the company's findings on healthcare cyberattacker activity in 2017.

2017 has been a very challenging year for healthcare institutions as these organizations remain under sustained attack by cyberattackers that continue to target their networks through the use of well understood vulnerabilities. This end of year research conducted by Cryptonite indicates that there were a total of 140 data breach events characterized and reported to HHS/OCR as IT/Hacking in 2017 representing a 23.89% increase over the 113 IT/Hacking events reported in 2016.

The number of reported major IT/Hacking events attributed to ransomware by health care institutions increased by 89% from 2016 to 2017. This was an increase from 19 reported events in 2016 to a total of 36 events in 2017. In 2017 ransomware events represented 25% of all events reported to HHS/OCR and attributed to IT/Hacking. All 6 of the 6 largest IT/Hacking healthcare events reported in 2017 were attributed to ransomware.

There were 3,442,748 records reported compromised in 2017, a substantial decrease from 13,425,263 reported compromised in 2016 as cyberattackers diversified their attacks against a broader mix of healthcare entities. In past years, cyber criminals invested considerable time and effort in targeting the largest healthcare institutions as evidenced by the 2015 events impacting Anthem (78.8 million records), Premera Blue Cross (11 million records) and by the 2016 events impacting Banner Health (3.6 million records) and Newkirk Proucts (3.4 million records). This low hanging fruit has to some extent, been harvested and attackers are now increasingly turning their attention to the broader mix of health care entities.



The emergence and refinement of advanced ransomware tools lowers both the cost and the time for cyberattackers to target smaller healthcare institutions - now they can cost effectively reach physician practices, surgical centers, diagnostic laboratories, MRI/CT scan centers and many other smaller yet critical healthcare institutions. This is the beginning of a trend that will increase very substantially in 2018 and 2019.

Internet of Things (IoT) devices in healthcare also represent new and expanding opportunities for cyberattackers. "Cyberattackers target healthcare networks primarily for two primary reasons - to steal the medical records they contain or to extort ransom payments. Medical records are the targets of choice, as this data is highly prized to support identity theft and financial fraud," said Michael Simon, President & CEO of Cryptonite. "While 2017 was the year of ransomware, we are anticipating this already hard hit sector will feel the wrath of cyber criminals targeting the hundreds of thousands of IoT devices already deployed in healthcare. Internet of Things (IoT) devices are now ubiquitous in health care - they are already present in intensive care facilities, operating rooms and patient care networks."


Methodology:

Data in this report flows from data breaches reported to the Health and Human Services Office of Civil Rights (HHS/OCR) as required by federal law. Major events reported to HHS/OCR are required by section 13402(e)(4) of the HITECH Act, which then requires HHS/OCR to post a list of breaches of unsecured protected health information affecting 500 or more individuals. In the case of this report we are predominantly focused on that subset of reported breaches categorized by the reporting entity as "IT/Hacking" and for which our additional research determined that specific events involved ransomware.

The full report can be downloaded on the Cryptonite website under the resources tab at https://www.cryptonitenxt.com/resources/#pg-resources-whitepapers.

About Cryptonite:

Cryptonite is a leader in moving target cyber defense. CryptoniteNXT enables any network to actively shield itself from cyber-attacks by preventing all attacker reconnaissance and lateral movement. Patent pending moving target cyber defense and micro-segmentation technologies protect enterprise networks from an advanced cyberattacker, insider threats and ransomware. The Cryptonite customer base includes leading commercial and government customers around the world. Learn more at www.cryptonitenxt.com.


[ Back To TMCnet.com's Homepage ]