NEW YORK, Sept. 10, 2020 /PRNewswire/ — SecurityScorecard, the global leader in security ratings, and DarkOwl LLC, a leading dark web research company, today jointly released the “Listening to Patient Data Security: Healthcare Industry and Telehealth Cybersecurity Risks Report”. The research found that while COVID-19 has proven the healthcare industry’s overall resilience, it has also increased its cybersecurity risk with new and emerging threats. The rapid adoption and onboarding of telehealth vendors led to a significantly increased digital footprint and attack surface, leaving both provider and patient data at risk.
According to a brief from the U.S. Department of Health and Human Services, at the height of the pandemic, the number of telehealth primary care visits increased 350-fold from pre-pandemic levels. SecurityScorecard and DarkOwl focused the 2020 healthcare report on reviewing the 148 most-used telehealth vendors according to Becker’s Hospital Review. The report indicates that telehealth providers have experienced a nearly exponential increase in targeted attacks as popularity skyrocketed, including a 30% increase of cybersecurity findings per domain, notably:
- 117% increase in IP reputation security alerts
- Malware infections — as part of successful phishing attempts and other attack vectors — ultimately cause IP reputation finding issues
- 65% increase in patching cadence findings
- Patching cadence is the regularity of installing security patches and is often one of the primary security policies that protect data
- 56% increase in endpoint security findings
- Exploited vulnerabilities in endpoint security enable data theft
- 16% increase in application security findings
- Patients connect with telehealth providers using web-based applications including structured and unstructured data
- 42% increase in FTP issues
- FTP is an insecure network protocol that enables information to travel between a client and a server on a network
- 27% increase in RDP issues
- RDP is a protocol that allows for remote connections, which has seen increased usage since the widespread adoption of remote work
Additionally, DarkOwl’s research showed a noticeable increase in mentions of major healthcare and telehealth companies across the dark web since February 2020. There was evidence of prolific and emerging threat actors selling electronic patient healthcare data, malware toolkits that specifically target telehealth technologies, and strains of ransomware that are uniquely configured to take down healthcare IT infrastructure.
Over the past four years, SecurityScorecard has reported on the cybersecurity struggles the healthcare industry faces. In this year’s report, SecurityScorecard and DarkOwl looked at over one million organizations — over 30,000 in healthcare alone — from September 2019 to April 2020 and analyzed terabytes of information to assess risk across 10 factors.
The healthcare industry, despite new risks from telehealth vendors, slightly improved its security posture compared to 2019. The industry moved to 9th place out of 18 reviewed industries (up from 10th in 2019.) This is heartening, especially as the industry has been overwhelmed by an influx of patients, limited resources, rationing, and other challenges due to COVID-19.
“While telehealth is an integral part of maintaining social distancing and providing patient care, it has also increased healthcare providers’ digital footprint and attack surface, which we see with the increase of findings per telehealth domain, and in factors like endpoint security,” said Sam Kassoumeh, COO and co-founder of SecurityScorecard. “It’s an indicator that healthcare organizations should continue to keep a focus on cyber resilience.”
Mark Turnage, CEO of DarkOwl adds, “Since the onset of the pandemic, cybercriminals are entering the healthcare data selling space which ultimately leads to new risks facing healthcare organizations and their IT supply stream. Threat protection teams must remain one step ahead of potential attackers, especially during this critical time.”
Methodology and more details can be found in the full report here.
SecurityScorecard is the global leader in cybersecurity ratings and the only service with over a million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard’s patented rating technology is used by over 1,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, and cyber insurance underwriting. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees, and vendors. Every company has the universal right to their trusted and transparent Instant SecurityScorecard rating. For more information, visit securityscorecard.com or connect with us on LinkedIn.
DarkOwl was founded in 2016 with the mission of collecting the broadest dataset of darknet content available in the cyber-defense industry and making that data both accessible and valuable to its clients. By empowering its customers to have eyes on the darknet, DarkOwl enables organizations and governments to fully understand their security posture, detect potential breaches and violations of the law, mitigate them quickly, and investigate even the furthest and most obscure reaches of the internet. www.darkowl.com