The 9th annual Verizon Data Breach Investigations Report was published this Tuesday. The report provides a valuable insight into the main causes of data breaches in 2015. The report shows that the biggest causes of healthcare data breaches in 2015 were stolen login credentials, privilege misuse, and miscellaneous errors.
The threat from within cannot be ignored, but it was malicious external actors that caused healthcare organizations the most problems. A high percentage of attacks either targeted healthcare employees or took advantages of mistakes they made while online.
One of the biggest problems is phishing. Phishing is now used in an increasing number of attacks on healthcare providers. Phishing emails are sent to healthcare workers via spam email. In many cases the emails are sent out in the millions and healthcare workers are random victims. However, many cybercriminals are targeting healthcare employees using spear phishing emails. In both cases, attackers are using a variety of social engineering techniques to get end users to reveal login credentials, visit malicious links, or open infected email attachments.
There has been a rise in CEO fraud in recent months. Cybercriminals are spoofing email addresses or gaining access to email accounts and are impersonating the CEO or other high level executives. They use the email accounts or spoofed emails to request bank transfers. Oftentimes employees are requested to email employee and patient data.
While it is possible to provide healthcare workers with training to help with the identification of phishing emails, many misunderstand the training or ignore it completely and reveal their login credentials to attackers. Malicious links are often clicked, allowing malware to be downloaded onto healthcare networks.
According to the Verizon report, 30% of phishing messages are opened by healthcare workers and 12% of those individuals click on malicious hyperlinks.
For the report, Verizon studied over 100,000 security breaches across a wide range of industries, including healthcare. Data breaches were included in the report if data had been compromised, exposed, or stolen, but not if data was lost.
Out of the 166 healthcare data breaches which were assessed by Verizon, 32% occurred as a result of stolen credentials. The next biggest cause with privilege abuse, which was the root cause of 23% of data breaches. 115 incidents resulted in data loss.
Verizon pointed out that the main reason for the data breaches the previous year appeared to be espionage, although this year’s report shows that the majority of attacks were conducted for financial gain.