Cyber attacks on healthcare continue to increase

Cyber attacks on healthcare systems are increasing and made up more than a quarter of all such attacks in the second quarter of this year, according to a report.

The health, public, and education sectors comprised more than 50% of cyber attacks in 2016-2017 worldwide, with healthcare surpassing public sector incidents in 2017 Q2, the McAfee Labs Threat Report found.

More than 16 million patient records were stolen in 2016 from US health systems while the WannaCry ransomware attack in May 2017 brought the British NHS to a virtual standstill.

These attacks and others like them can paralyze departments and hospitals and put patients’ lives - as well as their confidential data - at risk. In some cases, hospitals have had to transfer patients and postpone surgeries.

“Whether physical or digital, data breaches in healthcare highlight the value of the sensitive personal information organizations in the sector possess,” says McAfee Lab vice president Vincent Weafer. 

“They also reinforce the need for stronger corporate security policies that work to ensure the safe handling of that information.”

The disruption caused by WannaCry and another example, NotPetya, to healthcare systems, in particular, was well publicised. When turning on infected devices, users were asked for payments to remove the ransomware. 

While this did not lead to most people paying up, McAfee chief scientist Raj Samani does not believe this means the attack was a failure.

“It has been claimed that these ransomware campaigns were unsuccessful due to the amount of money made,” said Samani. 

“However, it is just as likely that the motivation of WannaCry and NotPetya was not to make money but something else. 

“If the motive was disruption then both campaigns were incredibly effective. 

“We now live in a world in which the motive behind ransomware includes more than simply making money, welcome to the world of pseudo-ransomware.”

The increase in cyber attacks on the healthcare system was also seen in other industries. The numbers supplied by McAfee show the increased threat faced by healthcare and the public sector in particular.

In North America, health sector attacks led vertical sectors in the second quarter of 2017 while in Asia, the public sector was worst affected, followed by financial services and technology.

Europe had its public sector hit most hard, followed by entertainment, health, finance and technology.

It is not just ransomware, however, that is causing the increase. McAfee found new malware samples leapt up in Q2 to 52 million, a 67% increase. 

McAfee puts this increase in part down to a significant increase in malware installers and the Faceliker Trojan, with the latter accounted for as much as 8.9% of all new malware samples. 

Weafer says: “Faceliker leverages and manipulates the social media and app-based communications we increasingly use today.
“By making apps or news articles appear more popular, accepted and legitimate among friends, unknown actors can covertly influence the way we perceive value and even truth. 

“As long as there is profit in such efforts, we should expect to see more such schemes in the future.”