Phishing, Humans Root of Most Healthcare Attacks
Kacy Zurkus | February 12, 2019
Across healthcare organizations in the US, malicious actors are successfully leveraging phishing attacks to initially gain access to networks, according to findings from the 2019 HIMSS Cybersecurity Survey published by the Healthcare Information and Management Systems Society (HIMSS). The study, which surveyed 166 qualified information security leaders from November to December 2018, found that there are particular patterns of cybersecurity threats and experiences distinctive to healthcare organizations. “Significant security incidents are a near universal experience in US healthcare organizations with many of the incidents initiated by bad actors, leveraging email as a means to compromise the integrity of their targets,” the survey said. Nearly half (48%) of all respondents identified two different categories of major threat actors, which included online scam artists (28%) and negligent insiders (20%). The hospitals that participated in the survey said that when looking at the security incidents that occurred in the last 12 months, the initial point of compromise for 69% of the attacks was the result of phishing emails.