Security News > 2020 > July > Attack Surface Growing for Healthcare Industry
Despite the well-documented increase in attacks against the healthcare industry during the COVID-19 pandemic, the industry is largely coping well against the cyber criminals.
"Data smuggling behaviors," notes Vectra in its 2020 Spotlight Report on Healthcare, "Can occur when patient medical records are transferred to cloud storage offerings like Microsoft OneDrive, which is a common requirement for collaborating healthcare professionals."
Much lateral movement in healthcare is not actually criminal - it is caused by administrative activity as organizations deal with lean staff, old controls, and unsecured protocols like FTP. These indicators lead Vectra to conclude that Healthcare is now transforming itself as far as possible into an online service, with massive dependence on the cloud.
Google has said it has detected more than a dozen groups using COVID-19 themes as bait in phishing and malware traps, and that it has seen attacks launched by the Iran-linked threat group named Charming Kitten against medical and healthcare professionals, including employees of the WHO. The DHS and the UK's NCSC issued a joint statement that APT groups were targeting healthcare's response supply chain.
Despite this increase in attack activity, Vectra's research has not detected any corresponding increase in healthcare compromises, suggesting that healthcare's current security posture is quite strong.