Denial-of-service attacks are increasing in frequency on the healthcare industry, according to a recent report from Neustar, an American technology company.
While the first quarter of any year for cybercriminals is seen as a “pre-season” for these types of attacks, Neustar Vice President of Research and Development Barrett Lyon said that the company is already seeing “significant increases in the average attack size and variety of attack vectors.”
In fact, Lyon predicts that 2017 will face larger attacks and combinations that use different vectors – especially more IoT and pre-planted malware.
Neustar analyzed the global outbreak of DDoS attacks across all sectors, but provided Healthcare IT News with a healthcare-specific report.
Its researchers found that DDoS attacks on the healthcare industry increased 13 percent since 2016. Further, the U.S. experienced 14 percent more attacks than its global counterparts.
Even worse, of the 2017 DDoS attacks on healthcare, 45 percent of the organizations found out about the attack from an outside party. And of these breached organizations, more than half weren’t notified by IT about it.
Reaction time is slow, as well. It took almost half of breached healthcare organizations three hours to detect an attack and three hours after detection to respond. And in the U.S. reaction time doubled from 2016.
Ransomware in concert with DDoS is up as well: 14 percent of breached organizations experienced a combined attack — nearly triple of 2016’s numbers.
“Attackers are smart and have shown an ability to find and hit infrastructure vulnerabilities, even using application layer attacks to target application APIs including those of security management services,” Lyon said in a statement.
DDoS attacks were thrust into the spotlight in October 2016, when one of the world’s largest DNS providers Dyn suffered the largest DDoS attack to date. Hackers leveraged unpatched IoT cameras to swarm Dyn with traffic. In doing so, the hackers took down Amazon, PayPal, Twitter and Netflix, among others.
Hackers use DDoS attacks to gain traction on a network and “once they’re in, they move on from there,” explained Senior Fellow of ICIT James Scott. And to make matters worse, DDoS is being offered as a service on the dark web, which only perpetuates the amount of bad actors leveraging these types of attacks.
Senior Deputy CISO of Sutter Health Timothy Torres echoed the sentiment during a HIMSS Cybersecurity Panel in February: “Cybercriminals are leveraging the extortion issue within a DDoS attack… Extortion is a hard issue to solve, but organizations should focus on backups, anti-malware software and cyber hygiene.”
Fortunately, Neustar found the majority of healthcare organizations are taking this advice and recognizing the devastation that one of these attacks can cause and are trying to bolster security as a result.
“It’s time for a new approach and for innovation to come to a defense model that is rapidly falling behind,” said Lyon. “Organizations must understand what’s at risk, be clear with requirements, evaluate business models as much as technologies and find a security partner that can best put down the attacks that are surely coming.”