Post by, Moshe Ben Simon, VP of Services and TrapX Labs
This past year has been a difficult one for health-care data security, with the volume and percentage of cyber attacks increasing substantially. Our 2016 data indicates that cyber attacks against health care organizations in the United States went up by 63% for a total of 93 major attacks, an increase of 36 attacks over 2015.
Cyber attackers were responsible for 31% of all major HIPAA data breaches reported in 2016, an increase of approximately 300% over three years. In 2014, cyber attackers were responsible for 10% of total major data breaches, increasing to 21% in 2015. Major cyber attacks in health care—those resulting in data breaches impacting more than 500 patients—were classified by HHS OCR as “IT/hacking.”
This report examines the trends that we’ve observed in 2016, and aligns them with our predictions for 2017. Trends are important because they help us understand how cyber defenses must continue to change to meet new and ongoing threats to the integrity of health care data.
Attacks continue to diversify in variety and complexity. Medical device hijack (“MEDJACK”) attacks, which began in 2015, continue to accelerate, and the lack of new technologies and best practices make it very difficult for hospitals to detect and combat this threat.
On a relatively new front, the use of ransomware has increased significantly, due primarily to the immediate financial gain attackers can realize from successful ransomware attacks, versus the diminishing value of stolen patient data. Ransomware has risen to the forefront of cyber threats, a trend that we expect to continue. We suspect that some attackers are engaging in both medical records theft and ransomware attacks, but as yet we have no hard evidence of such “double dipping” against healthcare institutions.
Attacks against hospitals and medical organizations are still driven by organized crime. Medical records are among the most complete sets of records available and, hence, are in demand for a variety of reasons. Paradoxically, this increased demand has led to so many health-care records being stolen that prices on the “dark Web” appear to have decreased in 2016. Notwithstanding this decrease in value, health-care records’ ease of access ensures their continued attractiveness to cyber attackers in 2017.
All of these topics and more are covered in our newly released 2016 Year-End Health Care Cyber Breach Report. In it, we share our data and analyses of all major cyber attacks in the United States reported between January 1 and December 10, 2016. Some of these breaches may have been ongoing prior to the beginning of 2016, but for consistency’s sake, we used only the official reporting dates to the HHS OCR that fall within 2016.
Data sources for this report include official HHS OCR compliance reports via their portal; publicly released information by the impacted parties; TrapX Labs research, predominantly on highly confidential case studies; and other Internet-based information sources.
We invite you to download our report and contact us with your questions and comments. We’re interested in learning more about your data defenses and experiences with cyber breaches so that we can develop more robust defenses against the threats that impact every health care organization.
Click here to read full report: TrapX Labs: Health Care Cyber Breach Report for 2016