There has been a 63% increase in major healthcare data breaches in 2016, according to the 2016 Healthcare Cyber Breach Report from cybersecurity firm TrapX.
The report, which covers healthcare data breaches in 2016 from January 1 to December 12, shows that while the total number of healthcare records exposed in 2016 was considerably lower than last year, the number of incidents increased substantially.
In 2015, 111,812,172 records were breached in major cyberattacks. In 2016, the number of exposed or stolen records was ‘only’ 12,057,759. However, the healthcare industry in the United States experienced 93 major data breaches in 2016. In 2015, TrapX documented 57 major healthcare data breaches.
The report shows how the number of major cybersecurity breaches has increased every year since 2014. In the past three years, major cyberattacks on healthcare organizations have increased by 300%. Back in 2014, cybercriminals were responsible for just 9% of the total number of breaches of more than 500 records that were reported to the Department of Health and Human Services’ Office for Civil Rights. Last year, that percentage had increased to 21%, and now it stands at 31%.
TrapX defines a major cyber security breach as one which was caused by hacking that has resulted in the exposure or theft of more than 500 healthcare records. Healthcare data breaches in 2016 that were caused by improper disposal, device loss or theft, or unauthorized disclosures were not included in the report.
TrapX says that cybercriminals see healthcare organizations as ‘low-hanging fruit’. Networks are vulnerable to attack due to the continued use of legacy systems and huge numbers of unprotected or poorly protected devices that are connected to healthcare networks. Healthcare data is also much more valuable to cybercriminals than other forms of data such as credit card details. Credit card numbers can be sold on the darknet for a couple of dollars, whereas a complete set of healthcare data sells for big bucks. The data is also easy to sell on darknet marketplaces, with no shortage of potential buyers.
High demand for data and poor protections are a winning combination for hackers, and unless protections are improved, healthcare data breaches are likely to increase in 2017.
TrapX highlights two growing trends: the use of ransomware and medical device hijacking. MEDJACK and MEDJACK.2 attacks have increased in 2016. These attacks allow hackers to introduce backdoors into vulnerable devices such as PACS systems, CT scanners, MRI machines, and blood gas analyzers. These attacks are easy to pull off and difficult for healthcare organizations to detect. Once a foothold in the network has been gained, the attackers can move laterally to other parts of the network.
Given the number of ransomware attacks reported this year, this method of attack and extortion needs no explanation. Ransomware attacks on healthcare organizations in the United States have increased significantly in 2016. TrapX predicts the ransomware epidemic will continue and 2017 will see record numbers of attacks on healthcare organizations. The cybersecurity firm also predicts that IoT-connected medical devices will continue to be attacked, and with increasing frequency.