News Feature | December 28, 2015

Healthcare Shows High Risk From Brute Force Attacks According To Industry Report

By Megan Williams, contributing writer

Healthcare is at high risk for brute force attacks

As we enter 2016 and more of the healthcare industry depends on the cloud, security specifically in this area will become even more important to your clients. In turn, they will expect more insight from you not only into their organizations, but also the external threats they face.  

To gain a better understanding going into 2016, considering reviewing a recent report by managed security and compliance solution provider, Alert Logic, which involved their Big Data security analytics engine and analyzing more than one billion events to identify and review more than 800,000 security incidents.

The State Of Cloud Technology

According to the report, 87 percent of organizations are using cloud infrastructure. Beyond that, analysts are predicting that spending for cloud computing will cross $200 billion in 2016. All this amounts to hackers having a larger “attack surface” through which they can gain access to data — something it’s essential that your clients understand, especially in relation to the threats that are particular to healthcare.

Where Attackers Are Focused

As cloud adoption increases, hackers are shifting their focus. They of course are attacking the most fruitful targets and right now, that means business that are using cloud environments. This isn’t to say that they are no longer interested in on-premises data centers, but instead means that the conversations solutions providers have with clients must involve not only traditional, but also emerging threats.

The report highlights the importance of understanding your clients’ security perception, noting that some businesses assume cloud providers automatically cover all of their security needs.

What Drives Healthcare Attackers

Especially interesting in the era of mHealth and the patient portal, is how industry characteristics drive hacker focus. Alert Logic found that hackers have reached a new level of sophistication in which they are focusing more on industries whose clients are more active online. In healthcare, this means that no only are hackers learning the value of information in our industry, but also that we are simultaneously moving closer to becoming environments that they find welcoming.

Areas Of Interest

The report has a number of highlights that you’ll want to review including:

  • an example attack detailing how a hypothetical company is taken down by threat actors (page 8)
  • a breakdown of incident occurrence by class: In cloud environments, app attacks led the pack at 70 percent. (page 10)
  • an illustration of incident occurrence over time, illustrating the fact that while Trojan and app attacks are rising, brute force and recon attacks are showing signs of slowing. (page 13)
  • a ranking of industry attacks: Healthcare came in at 39 percent with brute force attacks being most common. (page 17)

Handling Attacks

Alert Logic stresses the importance of understanding shared security models as well as maintaining a deep understanding of organizational threat profiles that consider industry, apps run, and data retained as all these factors drive attacker attention.

Going Deeper

The full report is available for free download here, and if you’re interested in reading more on growth of cloud computing in healthcare, please read “2015 Healthcare Cloud Computing Forecast: Growth Leads To Need For Storage.”