Verizon Data Breach Investigations Report released


The report talks about problems such as malware, Denial of Service attacks and the social engineering aspect of cybercrime in the healthcare sector

Verizon has released the 11th installment of the Verizon Data Breach Investigations Report (DBIR). The report begins with a few high-level trends and findings from this year’s data. It talks about problems such as malware (with a focus on ransomware), Denial of Service (DoS) attacks and the social engineering aspect of cybercrime, and how they continue to plague us. It then takes a brief look at the nine incident classification patterns and digs deeper into the various industries.

The report mentions, “The Healthcare vertical is rife with error and misuse. In fact, it is the only industry vertical that has more internal actors behind breaches than external. In addition to these problem areas, ransomware is endemic in the industry.”

The report further highlights that the healthcare industry has the dubious distinction of being the only vertical that has a greater insider threat than it does an external threat. This somewhat bleak finding is linked closely to the fact that there is a large amount of both errors and employee misuse in this vertical. With regard to incidents, healthcare is almost seven times more likely to feature a causal error than other verticals in our dataset, but you might not want to ponder that when you go in to get that appendix removed.

Errors most often appear in the form of misdelivery (62 per cent), which is the sending of something intended for one person to a different recipient, followed by a grouping of misplacing assets, misconfigurations, publishing errors and disposal errors.

The report elaborates, “Misuse, on the other hand, takes the form of privilege abuse (using logical access to assets, often databases, without having a legitimate medical or business need to do so) in 74 per cent of cases. Interestingly, the motive (when known) is most often (47 per cent) that of “fun or curiosity.” Examples of this are when an employee sees that their date from last weekend just came in for a checkup, or a celebrity visits the hospital and curiosity gets the better of common sense. Not to be forgotten, our faithful friend avarice is still alive and well, with financial gain being the motivation in 40 per cent of internal misuse breaches.”

Another important point the report makes is: “Ransomware accounts for 85 per cent of all malware in Healthcare. Due to Department of Health and Human Services regulations, ransomware outbreaks are treated as breaches (rather than data at risk) for reporting purposes. Consequently, it is difficult to know if Healthcare is more susceptible to ransomware than are organizations in other industries, or if the high percentages of it being recorded are simply a product of more stringent reporting requirements. Regardless of the reason, the wise security practitioner will take immediate steps to combat this ubiquitous attack type. Due to the ease of the attack, the low risk for the criminal, and the potential for high monetary yields, it is likely here for a lengthy stay in spite of the quality of the hospital food.”