
Healthcare sector 340% more prone to IT security threats

Cyber criminals are targeting healthcare organisations because of the rocketing black market value of personal medical data, says Raytheon Websense

Healthcare organisations are 340% more likely to be hit by an IT security incident than the average across all sectors, and 200% more likely to experience data theft, according to research.

Medical information sells for 10 times more than other data on the black market, making it a key target for cyber criminals, according to the study from supplier Raytheon|Websense. The figures come from analysing telemetry feeds from healthcare organisations all over the world, as part of the five billion daily security events identified by the firm’s threat intelligence network.

Hackers are much more likely to use certain forms of malware to target healthcare organisations, which are 450% more likely than average to be hit by the Cryptowall ransomware, a Trojan that encrypts files on a user’s device and asks for payment to release the data.

The Dyre “man in the middle” malware, a phishing attack that directs users to fake banking websites to steal their login details, turns up 300% more often in healthcare. And Dropper, which leaves malware to open up backdoors onto systems, appears 376% more often in healthcare – in the first half of this year, 83% of all Dropper incidents worldwide took place in the sector, according to the Websense survey.

The research does not break down its findings by country, but in the UK the NHS has been heavily criticised for its lacklustre approach to cyber security. In February 2015, the Information Commissioner’s Office (ICO) obtained powers to forcibly audit NHS organisations after a series of data protection issues in NHS trusts.

The ICO has issued NHS organisations fines totalling £1.3m for offences such as data protection breaches, improperly disposing of confidential information and sharing private data with other organisations without proper consent.

“The NHS holds some of the most sensitive personal information available but, instead of leading the way in how it looks after that information, the NHS is one of the worst performers. Time and time again we see data breaches caused by poor procedures and insufficient training. It simply isn’t good enough,” said Christopher Graham, the information commissioner at the time.

Last year, civil liberties pressure group Big Brother Watch called for better healthcare data security after a study revealed the NHS had suffered an average of six data breaches a day for the previous three years.

Health organisations' security in race to catch up with technology

But NHS trusts are responding to the threats they face. University College London Hospitals (UCLH) NHS Foundation Trust, for example, is using real-time IT analytics to deliver quick responses to security and other incidents. And Yeovil District Hospital NHS Foundation Trust said it has increased spending on cyber security fivefold since 2012.

Most things that need to be done to ensure data security are relatively simple, said Derrick Bates, information security officer, North Cumbria University Hospitals NHS Trust, speaking at an event in London in 2014.

“The best way to make sense of all the security guidance from various information security bodies is to ask six key questions: Who, what, where, when, how and why,” he said. “Answering these six questions will provide 95% of what is required to make a business case for securing your network and provide greater clarity of thought on the topic.”

The accidental disclosure of the names and addresses of 780 people by an HIV clinic in London in September 2015 suggests data breach lessons of the past have yet to be learned.

The rapid growth of digital healthcare technology is leading to a substantial increase in targeted attacks, said Carl Leonard, Raytheon|Websense principal security analyst.

“While the finance and retail sectors have long honed their cyber defences, our research illustrates that healthcare organisations must quickly advance their security posture to meet the challenges inherent in the digital economy – before it becomes the primary source of stolen personal information.”


Join the conversation



I wish an explanation of the percentages was given. Are these meant to be predictive statistics meant to instill fear in people, or are they based on some harder numbers?

Also when you say more likely... more likely than what? What's the baseline it's being compared to?

Hi Veretax,

the figures above are based on analysis of data generated from Websense's global customer network, so they are historic statistics based on actual threat activity.

"More likely" means more likely than the average across all sectors - so for example, healthcare organisations are 200% more likely to be hit by data theft, compared to the average rate of data theft across all sectors analysed by Websense using the same data.

Hope that helps to clarify.

When it comes to security threats it may be more than just data that gets stolen. If you believe television there was a recent show where they hacked a hospital and took control of its medical equipment. The wi-fi was breached and they took control of ventilators and pumps that administer medications. IF this is possible, because it was television, that is just one more reason that networks need to be tightened. I have also seen a lot of staff, patients and visitors walking around with mobile devices that could be used to capture shots of personal data. Granted it would be small in size, and may be more noticeable, but the risk is still there.

I have heard the stats before that healthcare data is even more valuable than credit card numbers to hackers. I'm not sure that I understand why. But it is concerning given that I work in the healthcare IT industry.

I guess it could be if you need a major procedure done. Say you need a hip replacement and do not have insurance. If you stole someone's ID who has the insurance and impersonated them could you get the procedure? Who gets stuck with the bill?

Well written article.

Have heard a lot of hospitals have been getting hit with ransomware in the news lately. I guess until we can really tighten up security it will have to be the price we pay for the benefits of technology.