Outdated Health IT Infrastructure Attracts Hackers to Hospitals
February 21, 2019
Outdated healthcare IT infrastructure is attracting cybercriminals to hospitals, which are the most vulnerable type of organization, judged a new cybersecurity report.
Other factors attracting cybercriminals to healthcare include lack of experienced cyber personnel, highly valuable data, and vulnerability to ransomware attacks, the Cisco/Cybersecurity ventures 2019 Cybersecurity Almanac report noted.
The report predicts that ransomware attacks on healthcare organizations will quadruple by 2020 and that the industry will spend more than $65 billion on cybersecurity products and services between 2017 and 2021.
Ransomware damage costs are predicted to be 57 times more in 2021 than they were in 2015. Cybersecurity Ventures predicts that organizations will suffer a ransomware attack every 11 seconds by 2021, up from every 14 seconds in 2019, and every 40 seconds in 2016.
In total, ransomware damage costs could hit $20 billion in 2021, up from $11.5 billion in 2019, $5 billion in 2017, and $325 million in 2015.
The No More Ransom online portal has 59 free decryption tools, covering some 91 ransomware families. So far, the tools provided on No More Ransom have managed to decrypt the infected computers of over 72,000 victims worldwide, according to the report.
Healthcare has been the most cyber-attacked over the last five years, followed by manufacturing, financial services, government, and transportation, according to the report.
Cybersecurity Ventures predicted that retail, oil and gas/energy and utilities, media and entertainment, legal, and education will round out the top 10 most cyber-attacked industries for 2019 to 2022.
Healthcare will suffer two to three times more cyberattacks in 2019 that the average of other industries. Inadequate security practices, weak or shared passwords, and code vulnerabilities contribute to attacks on hospitals and other healthcare organizations, according to the report.
Personal health information is 50 times more valuable than financial information, with patient health records fetching up to $60 per record.
A healthcare data breach costs an organization an average of $408 per record, nearly three times higher than the cross-industry average of $148 per record.
The Cybersecurity Almanac also predicted that cybercrime would cost the world $6 trillion per year by 2021 and that 70 percent of cryptocurrency transactions per year will be for illegal activity by 2021.
Cryptocrime is an emerging segment of the cybercrime ecosystem, according to the report. Hacks on cryptocurrency exchanges suffered roughly $1 billion in losses during 2018. This includes the hack Coincheck, which netted criminals $530 million.
Cryptojacking, illegally mining cryptocurrencies, was one of the fastest growing cybersecurity threats in 2018, with 25 percent of all businesses falling victim to it. There was a 459 percent increase in the rate of cryptojacking, according to a report by the Cyber Threat Alliance (CTA).
“The majority of illicit mining malware takes advantage of lapses in cyber hygiene or slow patch management cycles to gain a foothold and spread within a network. If miners can gain access to use the processing power of your networks, then you can be assured that more sophisticated actors may already have access,” the CTA report warned.
“Illicit cryptocurrency mining is the canary in the coal mine, warning you of much larger problems ahead,” CTA added.
Cybersecurity Ventures predicted that zero-day exploits are predicted to reach one per day by 2021, a jump from one per week in 2015.
The number of distributed denial of service (DDoS) attacks will double to 14.5 million by 2022, according to the Cisco Visual Networking Index (VNI).
DDoS attacks can represent up to 25 percent of a country’s total Internet traffic while they are occurring, the VNI report found. The average DDoS attack size is between 1 Gbps and 2 Gbps, an increase of 37 percent between 2017 and 2018.
Attackers are increasing the computing resources they use to perform DDoS attacks. Amplification attackers, using special tools for carrying out a DDoS attack, exploit vulnerabilities in the network and compute resources, the VNI report noted.