What You Should
– Vectra spotlight report on healthcare discredits the widely held belief that external threats would lead to an increase in data breaches during the COVID-19 pandemic.
– According to Vectra, although opportunistic attacks against healthcare were up – and some might have succeeded – external activity does not appear to have led to the internal activity normally observed in successful attacks. Healthcare organizations in general are doing a good job of mitigating inbound attack attempts.
Vectra AI, a provider of network threat detection and response (NDR), today released its 2020 Spotlight Report on Healthcare, which notably discredits the widely held belief that external threats would lead to an increase in data breaches during the COVID-19 pandemic. The latest Spotlight Report on Healthcare is based on observations and data from January-May of this year using a sample of 363 opt-in enterprise organizations in healthcare and eight other industries.
Cloud services and remote healthcare create new exploitable attack surfaces
When specifically examining cybersecurity statistics for healthcare in 2020, Vectra research has found that there is an increase in two trends during the first half of the year. The first is the upward trending of command-and-control behaviors, which indicate remote access of internal systems. The second is the doubling of data exfiltration behaviors, which indicates that data is leaving internal healthcare networks to external destinations like cloud services. This increase in remote access and data transmitted to external destinations aligns with the rapid adoption of cloud services in healthcare during the COVID-19 pandemic.
External threats targeting healthcare are not leading to increased internal threat activity
According to Vectra, although opportunistic attacks against healthcare were up – and some might have succeeded – external activity does not appear to have led to the internal activity normally observed in successful attacks. Healthcare organizations in general are doing a good job of mitigating inbound attack attempts.
Within the current climate, the need for immediate response outweighs the normal policy oversight of ensuring secure data handling processes. Healthcare operations involve never-ending challenges to balance security and policy enforcement with usability and efficiency. Security organizations in healthcare will likely struggle with managing the need for availability of patient information with the policy and controls required for securing and protecting that data in the cloud.
Analysis of security in the healthcare industry from January-May
From January-May 2020, the Vectra Cognito® Network Detection and Response (NDR) platform detected and correlated behaviors consistent with attacker behaviors in host devices, assigned a threat-severity score, and prioritized the highest-risk threats to healthcare. This analysis provides the context needed to better understand what data is moving to the cloud, as well as how it is being used and shared.
For healthcare organizations, the migration of data to the cloud was already in motion, and COVID-19 has accelerated this transition and the policies that govern it. NDR is an effective approach for the detection and response to attackers that circumvent or defeat defensive controls and gain an operating capability inside an organization’s infrastructure.
have been tasked with quickly leveraging remote access and cloud analytics to scale their operations,” said Chris Morales, head of security analytics at Vectra. “While cloud computing better optimizes the use of resources in healthcare, it also creates significant risks. This is especially true when cloud adoption happens faster than proper due diligence can be applied by information security personnel. This trend will persist well after the