Health Care Data Breaches: 5 Tips for Protecting Sensitive Information We know that ransomware is a menace for just about everyone, but the health care industry has been hit unusually hard by this particular type of attack. In fact, according to Solutionary’s Security Engineering Research Team (SERT) Quarterly Threat Report for Q2 2016, the health […]
Health Care Data Breaches: 5 Tips for Protecting Sensitive Information
We know that ransomware is a menace for just about everyone, but the health care industry has been hit unusually hard by this particular type of attack. In fact, according to Solutionary’s Security Engineering Research Team (SERT) Quarterly Threat Report for Q2 2016, the health care industry represented 88 percent of all ransomware detections during the second quarter.
Think about that number for a moment. Ransomware seems to be everywhere, yet, 88 percent of detections were in one industry. Education and finance were second and third, at 6 and 4 percent, respectively.
Now, it must be noted that we may not be getting the full picture, as Solutionary threat intelligence communication manager Jon-Louis Heimerl told SC Magazine, after pointing out that the analysis was based on actual ransomware activities:
Other industries could very well have had more ransomware attempts which were isolated and stopped by additional controls, but in the case of the healthcare industry, we saw more successful infections.
Still, that’s a lot of attacks on the health care industry, which is already a prime target for cybercriminals. As Ponemon Institute’s Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data revealed, almost 90 percent of all health care organizations have suffered a data breach, and in 2016, ransomware attacks are leading the way, resulting in 41 percent of the breaches.
Ransomware against the health care industry is so severe that the Department of Health and Human Services is providing guidance on how to deal with the malware and potential attacks, that, according to eSecurity Planet, include:
It’s a step in the right direction, but it won’t be a cure-all. As Stephen Gates, chief research intelligence analyst at NSFOCUS, a leading enterprise network security provider, stated in an email comment:
Any new guidance that can help healthcare organizations prevent, detect, contain, and respond to threats (especially ransomware) is obviously good guidance. However, will guidance solve the bigger problem of the unsuspecting click? Ransomware is not an exploit that takes advantage of a vulnerable application or operating system. Ransomware is a payload that takes advantage of vulnerable people and their clicks. Even the best guidelines can’t solve that problem.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom’s Guide. You can reach Sue via Twitter: @sueporemba.
Save
Sue Poremba is freelance writer based on Central PA. She's been writing about cybersecurity and technology trends since 2008.
The go-to resource for IT professionals from all corners of the tech world looking for cutting edge technology solutions that solve their unique business challenges. We aim to help these professionals grow their knowledge base and authority in their field with the top news and trends in the technology space.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
