SecurityScorecard, the leading global firm in security ratings, and a reputable dark web research company, DarkOwl, released a joint report on the state of security for the healthcare industry. The report highlighted a stark contrast between the overall security of the healthcare industry and that of telehealth services. The authors noted that although the security posture of the healthcare industry improved during the pandemic, telehealth services experienced an almost exponential increase in targeted attacks. The report analyzed over one million organizations, including 30,000 healthcare-related institutions, from September 2019 to April 2020. The study also analyzed the top 148 telehealth vendors as provided by Becker’s Hospital Review.
Key indicators were threats against application security, endpoint security, IP reputation, and network security. The high frequency of patching cadence also indicated an increased cyber threat towards telehealth services.
The report indicated that the overall healthcare industry became more resilient to cyberattacks during the COVID-19 pandemic. However, the same period also witnessed new and emerging threats towards telehealth services due to the onboarding of vendors.
The U.S. Department of Health and Human Services said there was a 350-times increase in primary care visits during the height of the pandemic. This increase led to a higher consumption of telehealth services, which in turn increased the digital footprint of both patients and vendors.
For example, by April, 43.5% of Medicare primary care was through telehealth, compared to 0.1% before the pandemic. This situation opened up a new attack landscape for telehealth services, thus elevating the level of the cyber threat facing both the patients and vendors.
Key findings of the report
Concerning the cyber threat facing telehealth services, the report found that there was a 30% increase in cybersecurity findings per domain.
IP reputation security alerts increased by 117%, contributing to this outcome. In contrast, the overall healthcare industry experienced a 77% decrease. This difference arose because cybercriminals shifted from attacking general healthcare IT to focusing on telehealth services. This escalated the cyber threat facing telehealth even as the general risk towards healthcare fell.
The report also found a 65% increase in patching cadence, the installation frequency of security updates. This strategy is the primary defense mechanism against cyber attacks. Higher frequency indicates an increased cyber threat towards the services in question.
The report authors also found a 56% increase in endpoint security findings. This situation arises from an increase in the number of exploited vulnerabilities, which are responsible for potential data theft.
The SecurityScorecard-DarkOwl report also found a 16% increase in application security findings as patients use web-based applications to connect to telehealth services. Increased cyber threats towards consumer-facing applications undermine the security of the patients’ data.
Other indicators include the regular mentioning of the top 20 telehealth services vendors on the dark web. By March, these references had grown by 144%. The sale of electronic health data on the dark web, the proliferation of exploit toolkits targeting telehealth services, and malware targeting the overall healthcare IT infrastructure were further evidence of the rising cyber threat.
However, the report found that the healthcare industry slightly improved its security posture compared to 2019. Out of the 18 reviewed industries, healthcare placed 9th, one position up from 2019. This positive performance came despite increased pressure from COVID-19, limited resources, and an influx of patients.
Sam Kassoumeh, COO and co-founder of SecurityScorecard, said that the increased telehealth services cyber threat was a sign that “healthcare organizations should continue to keep a focus on cyber resilience.”
Commenting on the increased cyber threat facing telehealth services, Mark Turnage, CEO of DarkOwl, said that threat protection teams “must remain one step ahead of potential attackers, especially during this critical period.”