Cybercriminals Exploiting Vulnerabilities in Healthcare Organizations
Hikvision on Vulnerabilities that Enable Security Breach
The SecurityInfoWatch.com article, “Report: A vulnerable attack surface exists in healthcare enterprise IT networks,” highlights findings from Vectra’s 2019 “Spotlight Report on Healthcare,” which found that the healthcare industry is facing greater vulnerabilities that cybercriminals could exploit.
From the article: “Gaps in policies and procedures can result in errors by healthcare staff members. Examples of these errors include improper handling and storage of patient files, which is a soft spot for cybercriminals when they target global organizations and industries looking for weaknesses to exploit.”
Report findings included the following:
- Hidden HTTPS tunnels were a common attack method in healthcare networks. As described in the article, it’s an “external communication involving multiple sessions over long periods of time that appear to be normal encrypted web traffic.”
- Data smuggling was the third most detected method for hiding malicious data transfer (DNS tunnels came in first, smash-and-grab second).
- The article urges healthcare organizations to continue monitoring for ransomware attacks; however, the report discovered ransomware attacks had decreased in the second half of 2018.
Read the full article here.
Digital transformation is also heightening risks across other verticals. The Hikvision blog “Vulnerabilities that Enable Security Breach,” covers a Security magazine article on reasons behind breach. Here’s an excerpt:
A few trends can widen organizational risk for cyber threats, including digital transformation which gives “cybercriminals more opportunities to find weaknesses to creep into systems and leak or exploit data,” according to the article. Cloud adoption and a growth in the mobile workforce are also cyber risk factors. Internal threats also pose a risk: “What if a malicious insider–an employee perhaps–was to single-handedly work against a company or even combine their efforts with those of an external attacker? To help them through the backdoor, so to speak.”