Healthcare is the industry most frequently targeted by cyber attacks, with 164 threats detected per 1,000 host devices, according to a recent Vectra Networks study. Education came in second with 145 detections per 1,000 host devices.
“The data shows that healthcare and education are consistently targeted and attackers can easily evade perimeter defenses,” the report states.
At the same time, the study found attack rates increasing across the board, with the average number of reconnaissance, lateral movement and exfiltration detections all increasing by more than 265 percent. Reconnaissance detections, a first step in ransomware campaigns, were up by 333 percent over 2016.
According to Vectra, finance and technology have below-average threat detection rates, with 37 and 38 detections per 1,000 hosts, respectively, indicating that those industries generally have stronger policies, more mature response capabilities, and better control of the attack surface.
On the other hand, media organizations experienced the highest rates of exfiltration, with 34 detections per 1,000 host devices — the report suggests the high rates can be attributed to a decentralized supply chain made of small businesses with limited IT staff.
Unsecured Medical Devices
Vectra notes that the healthcare industry has seen a significant increase in the number of Internet-connected devices due to the expanding footprint of IoT devices in hospitals. “These unsecured devices are easy targets for cybercriminals,” the report states.
It’s a highly relevant concern. A recent Ponemon Institute survey of 242 medical device manufacturers and 262 healthcare delivery organizations (HDOs) found that 67 percent of manufacturers and 56 percent of HDOs believe an attack on a medical device built by or in use by their organizations is likely within the next 12 months.
The survey, sponsored by Synopsys, also found that 60 percent of manufacturers and 49 percent of HDOs say the use of mobile devices in hospitals and other healthcare organizations significantly increases security risks.
And while one third of all respondents are aware of the risk of adverse effects on patients from an insecure medical device, just 17 percent of manufacturers and 15 percent of HDOs are taking significant steps to prevent attacks.
“The security of medical devices is truly a life or death issue for both device manufacturers and healthcare delivery organizations,” Ponemon Institute chairman and founder Dr. Larry Ponemon said in a statement. “According to the findings of the research, attacks on devices are likely and can put patients at risk. Consequently, it is urgent that the medical device industry makes the security of its devices a high priority.”
Problems with Device Security
Eighty percent of all respondents said medical devices are very difficult to secure, for a variety of reasons including accidental coding errors, lack of knowledge/training on secure coding practices, and pressure on development teams to meet product deadlines.
Just 51 percent of manufacturers and 44 percent of HDOs follow current FDA guidance to mitigate or minimize security risks in medical devices, and just 25 percent of all respondents said the security protocols or architecture built into devices adequately protects clinicians and patients.
“These findings underscore the cyber security gaps that the healthcare industry desperately needs to address to safeguard the wellbeing of patients in an increasingly connected and software-driven world,” Synopsys global director of critical systems security Mike Ahmadi said in a statement.
“The industry needs to undergo a fundamental shift, building security into the software development lifecycle and across the software supply chain to ensure medical devices are not only safe, but also secure,” Ahmadi added.