Healthcare is one of the most retargeted industries by threat groups

The healthcare sector faces a range of cyber attacks and malicious activity. Given the importance of data theft and its relationship with our most sensitive information, the risk to this sector is especially consequential. Today, FireEye has launched a report that provides an update on the three types of threat most commonly used against healthcare organisations: data theft, cyber espionage and disruptive & destructive threats.

Due to the critical role that the health sector plays within society and its relationship with patients’ most sensitive information, the risk to this sector is especially consequential, according to FireEye’s report,https://content.fireeye.com/cyber-security-for-healthcare/rpt-beyond-compliance-cyber-threats-and-healthcare. The healthcare sector faces a range of threat actors and malicious activity that can be grouped into three main goals, say researchers at security firm FireEye, who urge the industry to gear up to bolster its cyber defence capabilities.

In targeting the sector, cyber criminals are seeking to steal personally identifiable information (PII) and protected health information; nation states carry out intrusions to steal valuable research and mass records for intelligence-gathering purposes; and disruptive threats such as ransomware have the potential to wreak havoc among hospital networks and impact the most critical biomedical devices and systems, the report said.It also sells data directly stolen from healthcare organisations, cyber criminals also often sell illicit access to these organisations in underground markets, the report said.

Focusing on data theft, the report said financially motivated threat activity represents a high-frequency, high-impact threat to healthcare organisations. Cyber crime actors may conduct focused intrusions into specific targets that house, or have access to, valuable patient records and data, or carry out opportunistic targeting of poorly secured organisations and networks. There are a large number of healthcare-associated databases for sale online. Our analysts pulled a sample from the last six months, most of which can be purchased for under $2000 dollars.

Lastly, healthcare organizations must contend with a range of cyber threat actor motivations and behavior. Because of the wealth of data they hold, healthcare breaches and compromises can have far reaching consequences for consumers.