Healthcare Malware Risk at All Time High

According to a new cybersecurity report by Check Point, the current healthcare malware risk is at an all-time high. The risk of malware causing a HIPAA breach has been elevated recently due to the wide variety of malware that is now emerging. Malware, it would seem, is evolving.

The new variants are harder to identify, and healthcare companies need to work hard to keep their databases protected. The report shows that over the course of the last year, the number of detected malware programs has risen to frightening levels. Check Point says that in 2013, companies reported attempted malware attacks at a rate of 2.2 per hour. The rather disturbing figures from 2014 show that the rate has risen to a shocking 106 attempts. That is 106 per hour, every day of the year, and the figure is growing.

When HIPAA regulations were first introduced, healthcare providers struggled to bring cybersecurity defenses up to the required standards. Since 2014, healthcare providers have responded to the increased healthcare malware risk and have implemented new policies and installed new technologies to better protect the data they hold.

Even with improved defenses, the number of reported data breaches appears to be growing. That is a trend that is unlikely to change, based on the data in the report. According to Check Point figures, a malware attack on a mid-sized company takes place every 34 seconds, and it is only a matter of time before one piece of malware succeeds.

When that program is installed, it can communicate with other programs, transmit data, and install other files and programs. In many cases, criminals gain access months before the malware is detected.

In spite of the increased risk, the report suggests that out of the companies surveyed, only 1% are using technologies that can prevent malware from gaining access to data, and in spite of the proliferation of different strains of malware, only 10% of companies are subscribing to threat intelligence reports.

Increased Healthcare Malware Risk from Zero-Day Malware

The report contains rather worrying information for health IT professionals. The proliferation of malware not only involves different strains of known malware, which are relatively easy to identify and repel; there has also been an increase in the number of reported cases of "zero-day malware."

Zero-day malware is brand new, previously unidentified malicious software. While a great many hackers have the skill to develop their own malware to target the healthcare industry, the time and effort required often do not make it worthwhile, especially when there are easier, less labour-intensive ways to gain access to healthcare networks.

However, zero-day malware is on the increase too, and what is worrying is the difficulty even the most robust anti-malware defenses have in identifying the malicious software.

The internet security industry responds to new threats quickly, usually in time to prevent malware from inflicting serious damage. As healthcare providers plug one security hole, another one is exploited. Two areas of particular concern for the healthcare industry are the use of wearable technology and healthcare mobile devices.

The report suggests that the healthcare malware risk from mobiles and wearable tech is considerable, since it is very difficult to control how the devices are used. Mobile apps are a good case in point. In spite of healthcare providers' policies on the use of mobile devices in BYOD schemes, many users still break data security rules by downloading unauthorized apps. Any one unauthorized app could potentially be used by hackers to gain control of the device.

In 96% of cases, the mobile tested was found to contain unauthorized apps, an increase of 10% year on year.

Somewhere, the message about device security, and how important it is to manage risk, is being lost. Security policy violations could potentially land both employees and healthcare providers in hot water.

Author: Richard Anderson

Richard Anderson is the Editor-in-Chief of NetSec.news