October 5, 2021 • The Recorded Future Team
Cyber security has become top of mind for organizations across every industry in the last year and a half. As many workers began working from home the attack surface continued to grow—points of entry extended into homes, personal devices, and anywhere else important information was being accessed. While the healthcare industry primarily operates in-person, that has not stopped threat actors from targeting those organizations.
In fact, the healthcare industry is a top target for threat actors because of the unique blend of characteristics that comprise organizations within the industry. A study by the National Institute of Standards and Technology and the Office for Civil Rights found that 70% of malware attacks in 2019 were targeted at healthcare and public health organizations. Additionally, a report by the Healthcare & Public Health Sector Coordinating Councils found that the average cost of a data breach to a healthcare organization is $2.2 million.
The report by the Healthcare & Public Health Sector Coordinating Councils dives into the five threats facing the healthcare industry. Let’s take a look at these threats and also how you can improve your security posture to defend against these attacks.
Email Phishing Attacks
Perhaps the most common, and widely known, cyber attack is an email phishing attempt. The popularity of this type of attack is due to the relative simplicity to deploy, the ease to target many victims at once, and the risk-to-reward ratio presented.
You’ve most likely seen a phishing email before. In it, a threat actor pretends to be someone they’re not, either a trusted individual or an employee of an organization you’re familiar with. Their goal is to have you click a malicious link, send them sensitive information, or even wire money.
Educating employees can go a long way in defending against phishing attempts. These attacks are built to take advantage of someone not paying attention, or not wanting to raise a flag and cause any trouble.
Ransomware has become the topic in cybersecurity during 2021. High-profile attacks have dominated the news cycle, caused massive economic impacts, and sent consumers scrambling.
A ransomware attack happens when a threat actor gains access to an organization’s information and/or systems (potentially through a phishing email) and then demands payment (“ransom”) to re-enable critical systems or not release sensitive information.
Ransomware attacks can cripple any organization, but healthcare companies are even more at risk due to the critical nature of their services—lives may be on the line if certain systems are unavailable during an attack.
Ransomware attacks come in all sizes and shapes and there is no one solution to defend against them. Preparing yourself to defend against a ransomware attack requires a robust security posture that is up-to-date with the latest threat vectors and can act at the speed of the adversary.
Data and Equipment Loss or Theft
In the healthcare world, equipment and data are incredibly valuable. The equipment used by healthcare organizations is some of the most sophisticated, complex, and valuable in the world—making it an attractive target for threat actors.
Of course, the healthcare field is also home to a vast amount of personal information and data. Most of the major headlines around cybersecurity incidents detail data breaches with eye-popping details about the number of customers or patients affected. A data breach or loss can affect millions of people and quickly make international headlines.
It doesn’t always take a maliciously planned attack for data or equipment loss to happen. Employees being careless or forgetful can quickly spiral into a very large breach. Ensuring everyone in an organization is properly trained on how to protect their equipment and sensitive information can go a long way in preventing a breach.
The Best Way to Protect Your Organization is with Intelligence
The above threats to healthcare organizations highlight the importance of ensuring your security posture is well-equipped to meet all challenges. The basic tenets of cybersecurity—training employees, educating the organization about the types of threat, and using basic security services—won’t completely protect you anymore. Threat actors are far too advanced in their tactics for decades old strategies to fully protect a healthcare organization.
Intelligence is the new frontier in cybersecurity, because it unlocks insights that allow organizations to act at the speed of the adversary. Today’s world generates too much data—and noise—for any one security team to sort through it on their own and discover where the real threats lay. Intelligence takes data and turns it into actionable insights to protect your organization.
The power of this intelligence is seen in the partnership between SentinelOne and Recorded Future. Recorded Future’s Intelligence Platform transforms noisy data into that actionable information your team needs. Sources for data include open web sources, dark web sources, proprietary technical sources, and more. This data is then analyzed for relevant information that can be contextualized and provide insights.
Integrating Recorded Future with SentinelOne allows you to combine industry-leading endpoint threat intelligence for proactive defenses. This integration brings context to the noise by layering high-fidelity detections with actionable intelligence, automates time-consuming investigation and triage, empowers proactive threat hunting, and is simple to set up and deploy.
The healthcare industry is an attractive target for threat actors due to the size of the industry, the value of the targets, and legacy security systems that are not capable of handling the latest threats. To truly protect your organization you need to turn to trusted intelligence that lets you act at the speed of the adversary.
Join us for a webinar on October 27th to learn more about how Recorded Future and SentinelOne combine to give you all the tools you need to protect your organization.