Healthcare Breaches Climb As Attackers Branch Out
When we think about a healthcare data breach, we’re often thinking about someone stealing payment information or PII from a healthcare facility. But that’s not all hackers are looking for anymore, and they’re ranging far outside the usual setting to find the information that they want – leading to a huge cybersecurity headache for healthcare organizations.
Just last week, hackers launched ransomware attacks against a device manufacturer and several healthcare providers, and they weren’t just targeting patient information – they were also looking for treatment and testing data related to COVID-19, a hot commodity on the Dark Web.
HACKERS WANT RESEARCH DATA
Recently, hackers were able to secure a $1.14 million ransom from The University of California San Francisco after successfully landing a ransomware attack that encrypted the COVID-19 research data at their medical school, and drug manufacturers like Gilead have also had research data targeted.
Healthcare breaches have surged since the start of 2020 – Department of Health and Human Services’ HIPAA Breach Reporting Tool website shows 302 major health breaches impacting nearly 8.7 million individuals have occurred so far in 2020. So how can you protect your clients?
3 WAYS TO PROTECT DATA FAST
Passly – Any of your clients that haven’t started using passly need to add it to their security stack immediately. The fastest way to add data security is to add multifactor authentication for employees to access it, preventing stolen and recycled passwords from giving cybercriminals an easy way in with credential stuffing or social engineering.
Graphus – Add our fresh automated phishing defense solution right now to add 3 layers of protection between a malignant email and an employee inbox. Graphus uses a smart AI to analyze your communication patterns and determine which incoming emails may be phishing threats, blocking some and quarantining others for IT review – automatically. There’s nothing else on the market like it, ad you can see in this demonstration video.
BullPhish ID – Security awareness training is an essential, especially phishing resistance training. Cybercriminals continue to evolve their methodology, and staffers need to be ready to spot and stop phishing attacks. Consistent, updated training will encourage that.
REVIEW SECURITY AND ADD MORE PROTECTION NOW
This is the time to approach clients in the healthcare sector to improve their security and training solutions to handle these new threats. Thisn threat picture is only expanding, and as the pandemic continues, the pressure on healthcare-related organizations will grow. Review security and training with your clients now, and reach out to new prospects, because this situation will only grow darker in the days ahead.