Healthcare organizations are facing increasing cyber threats, prompting a critical need to reevaluate their security strategies, particularly concerning insider threats, cyber awareness training, and the protection of mobile applications and devices. This insight was shared by Ryan Witt, Vice President of Industry Solutions at Proofpoint, in light of findings from a recently published study.
The third annual “Cyber Insecurity in Healthcare: The Cost and Impact on Patient Safety and Care 2024,” sponsored by Proofpoint and conducted by the Ponemon Institute, surveyed 648 IT and IT security professionals in the healthcare sector. The study, conducted in March and April, revealed that a staggering 92% of respondents reported experiencing at least one cyberattack within the past year, an increase from 88% the previous year. On average, organizations faced 40 attacks over this period, with some being thwarted before they escalated.
Witt emphasized that cybercriminals are increasingly focused on human-centric attack strategies, which target the people within organizations as a pathway to compromise security. These attackers aim to obtain access to credentials, which they consider critical for further infiltration. Once inside, they exploit vulnerabilities in the network infrastructure, navigating laterally to identify valuable assets, such as sensitive patient data or access to clinical research. The motivation behind these attacks often centers on monetization opportunities, ranging from payment redirects to data breaches.
In an interview with Information Security Media Group, Witt elaborated on several alarming trends observed in the report. These include rising attack vectors targeting supply chains, mobile applications, and cloud environments, as well as the continued threat of business email compromise. He noted the profound impacts of ransomware and other cyber intrusions on patient care, highlighting the broader implications these attacks have on the healthcare sector’s operation.
Particularly notable was the detailed examination of ransom payouts within the healthcare industry, which have become a concerning trend amid rising cyberattacks. Witt also discussed the ramifications of the Change Healthcare ransomware attack that took place in February, detailing its significant effects on healthcare operations and the responses of professionals surveyed.
For business owners in the healthcare sector, Witt outlined essential cybersecurity action items that practitioners should prioritize to strengthen their defenses in this evolving threat landscape. His extensive experience in healthcare security, combined with his leadership at Proofpoint and involvement with the HIMSS Cybersecurity, Privacy and Security Committee, reinforces the urgency and importance of addressing these vulnerabilities.
In relation to the tactics employed by cyber adversaries, the study aligns with the MITRE ATT&CK framework, suggesting that techniques such as initial access through phishing, persistence via malware, privilege escalation, and lateral movement were likely utilized in these attacks. This framework serves as a vital resource for understanding the potential methodologies behind cyber incidents and can guide organizations in bolstering their security measures against future threats.
