But healthcare is among the hardest hit by extortion and data weaponization, according to a new report from the cybersecurity firm CrowdStrike.
When a rash of international cyberattacks paralyzed healthcare and other industries last year, some organizations might have felt as if they were under siege as they failed to perform their most basic functions. And those hospitals, pharma giants, and community medical practices would have been correct to believe they were the victims of some sort of 21st-century war. A new report from the firm CrowdStrike has found that cyberwarfare tactics trickled down from nations to other bad actors in 2017, furthering a trend that has hammered healthcare especially hard.
“The result of trickle-down in the field of cybersecurity has been a proliferation of highly sophisticated weaponry for cyberwarfare being pushed down into the mass market and commoditized,” wrote George Kurtz, CrowdStrike’s co-founder and CEO. “The consequences to legitimate organizations have been alarmingly clear.”
One such consequence is the degree to which hackers have stung healthcare. It was second only to government in data breach reporting, a blemish that could be attributed to reporting requirements, according to CrowdStrike. Still, the company found that ransomware and extortion are “extremely common” in each sector, with local hospitals and physicians shouldering roughly half of these attacks in the medical space.
The document, “2018 Global Threat Report: Blurring the Lines Between Statecraft and Tradecraft,” was published this week. Scouring threat data from CrowdStrike’s experts and monitoring tools, including a cloud-based graph database that processes “nearly 100 billion events a day across 176 countries,” the report outlines cybercrime trends, adversary targeting, and related metrics. But the analysts spill much ink on the rise of cyberwarfare and its collateral—or intentional—damage.
“We’ve already seen cyber adversaries launch massive, destructive attacks that render organizations inoperable for days or weeks,” said Dmitri Alperovitch, the company’s co-founder and chief technology officer. “Looking ahead, security teams will be under even more pressure to detect, investigate, and remediate breaches faster.”
The 42-page threat report details a great deal of concerning activity, but CrowdStrike has distilled several major points for leaders in any industry. Here are a handful of those insights.
CrowdStrike, which sells solutions in the field, advised decision makers to brush back “government-grade” intrusions by leaning on new tech and best practices that don’t rely on signature-based prevention.