The healthcare industry experienced a 210% increase in cyberattack related incidents in 2017, according to a new report by cybersecurity company McAfee.
The company’s latest report highlights the growth and trends of new malware, ransomware, and other threats in the last quarter of 2017.
Within the healthcare sector, cybercriminals are targeting organisations due to a lack of compliance with best practices and vulnerabilities in medical software.
The report highlights that although “publicly disclosed security incidents targeting healthcare decreased by 78% in the fourth quarter of 2017, the sector experienced a dramatic 210% overall increase in incidents in 2017”.
Analysts from McAfee also looked into possible targets of attack within healthcare and found exposed sensitive images and vulnerable software. By combing these targets, the analysts were able to reconstruct patient body parts and print 3D models.
Speaking about the report, Christiaan Beek, McAfee lead scientist and senior principal engineer, said: “Healthcare is a valuable target for cybercriminals who have set aside ethics in favour of profits. Our research uncovered classic software failures and security issues such as hardcoded embedded passwords, remote code execution, unsigned firmware, and more. Both healthcare organisations and developers creating software for their use must be more vigilant in ensuring they are up to date on security best practices.”
The report also found that cyberattacks are becoming diversified, with new activities being used by criminals to make money. The spike in the value of Bitcoin at the end of 2017 saw criminals hijacking Bitcoin and Monero wallets. Researchers also found Android apps exclusively developed for the purpose of cryptocurrency mining.
Steve Grobman, chief technology officer for McAfee, said: “By going digital along with so many other things in our world, crime has become easier to execute, less risky and more lucrative than ever before. It should be no surprise to see criminals focusing on stealthy fileless PowerShell attacks, low risk routes to cash through cryptocurrency mining, and attacks on soft targets such as hospitals.”