Threats to healthcare organisations up by nearly two-thirds
Attacks against healthcare organisations have risen by nearly two-thirds (60 percent) in the first three quarters of 2019 compared with all of 2018, according to a new report.
The results of Malwarebytes’ latest report, "CTNT Q3 2019: The State of Healthcare Cyber-security", showed that the healthcare industry has been overwhelmingly targeted by trojan malware during the last year, which increased by 82 percent in Q3 2019 over the previous quarter. The two most dangerous Trojans of 2018–2019 for all industries, Emotet and TrickBot, were the two primary culprits.
It also found that Emotet detections surged at the beginning of 2019, followed by a wave of TrickBot detections in the second half of the year, becoming the number one threat to healthcare today.
The report also found that endpoint detections have grown 45 per cent from 14,000 healthcare-facing endpoint detections in Q2 2019 to more than 20,000 in Q3. Trojans, hijackers and riskware each surged by over 80 per cent from Q2 2019 to Q3.
The top attack methods for healthcare networks in the last year were: exploiting vulnerabilities in third-party vendor software, such as medical management apps or custom software for hospitals and medical practices; taking advantage of weak security postures due to staff negligence, user erroronous and poor patching cadences; and using social engineering methods such as phishing and spear-phishing emails to deliver malicious attachments and links.
Ageing infrastructure, low IT budgets and a wealth of personally identifiable information (PII) data make healthcare institutions prime targets for cyber-criminals, said the report.
Adam Kujawa, director of Malwarebytes Labs, said that the picture in the UK is broadly similar to the US, except with very few Emotet infections.
"Trickbot appears to have had a small campaign in March of 2019 but, by September 1, it’s totally gone from any detections," he told SC Media.
"There has been a surge of exploit activity throughout the year. It did seem to dip during the summer and then rose again in the fall, which is similar to what we’ve seen globally from Emotet. However, we’ve seen very little of that baddie for this particular country and industry since April 2019. Our medical industry customers in the UK often get hit with exploit attempts, although I can’t really pinpoint what malware family is causing that," he added.
SentinelOne’s senior director, SE, EMEA & APAC, Patrice Puichaud, told SC Media UK that vulnerabilities in software are key vectors for hackers looking to steal medical data, so patching software on a regular basis is vital.
"Unpatched and misconfigured systems represent a massive weak spot in security, representing 80 per cent of the corporate attack surface. Automating the process of patching OS and 3rd-party software vulnerabilities is, therefore, essential. Alongside this, organisations should have an action plan (disaster recovery), even if specific circumstances prevent organisations from following it exactly. The plan can help guide and structure responses when time is critical," he said.
Rick McElroy, a cyber-security strategist at VMware Carbon Black, told SC Media UK that healthcare organisations are increasingly being targeted by cyber-attacks due to the gold mine of personal data they possess. Without a doubt, the NHS generates swathes of data that has the potential, if in the wrong hands, to have devastating consequences, putting individuals and NHS Trusts at risk.
"With the growing sophistication of attacks, our primary recommendation for CISOs in the healthcare industry is to increase endpoint visibility. CISOs need to look at any connected asset as a potential target, which includes electronic medical-record systems, medical devices, payment processing systems, and more," he said.
"Organisations must also establish protection from emerging attacks. With the potential attack surface growing and evolving quickly, you need to stop as much as possible. This means leveraging a variety of technologies from whitelisting to streaming analytics to behavioural prevention."
source scmagazineuk
Industry: Cyber Security
Latest Jobs
-
- New Business Sales lead | UK - Cyber Security | New Logo sales
- United Kingdom
- Uncapped OTE
-
New Business Sales lead | UK - Cyber Security | New Logo sales UK Remote An established EMEA technology organisation is hiring a senior New Business Sales lead to take ownership of UK growth. An opportunity built for someone ready to take advantage of competitors who have taken their eye off the ball and turn that into sustained market share. This role is for someone proven. A self-starter who does not need micromanagement, knows how to win market share, and wants the backing of a larger business while building success their own way. You will lead and shape new logo acquisition, define and execute go-to-market strategy with regional leadership, and drive growth across cybersecurity, digital transformation, Microsoft modernisation etc. This is a new business sales role, with budget and full sales lifecycle responsibility. The goal being to build a wider a sales function beneath you as revenue scales. Experience across Financial services, manufacturing, industrial etc helpful. UK-based, remote-first, client-facing when needed. Competitive base salary with uncapped earnings.
-
- Business Development | Healthcare | Warm accounts | UK
- England
- N/A
-
Business Development | Healthcare | Warm accounts | UK Healthcare Cyber Security UK Based An experienced Business Development Manager is required to drive new cyber security revenue across a warm healthcare account base. This role is focused on new business and account growth, engaging healthcare organisations to understand risk, priorities, and operational challenges, and positioning appropriate cyber security solutions and services. Key Responsibilities Drive new business sales into a warm healthcare account base Develop and close new opportunities across healthcare organisations Build senior level relationships with IT, security, and procurement stakeholders Own the full sales lifecycle from first conversation through to close Work closely with technical pre sales and delivery teams Experience Required Proven B2B new business sales experience within cyber security or technology Healthcare sector experience desirable Strong consultative sales and closing capability Ability to achieve UK Security Clearance is required UK based with flexibility to travel What’s on Offer Warm accounts with new business focus Clear revenue ownership Competitive base salary with uncapped commission
-
- Technical Pre Sales Cybersecurity Consultant. Healthcare
- England
- N/A
-
Technical Pre Sales Cybersecurity Consultant UK Remote | Healthcare Focus Overview We are seeking an experienced Technical Pre Sales Cybersecurity Consultant to support healthcare organisations by delivering advisory, solution design, and security uplift services. This role focuses on improving security outcomes, addressing operational challenges, and enabling informed technology decisions across complex and regulated environments. The position blends technical pre sales expertise with a consultative approach, working closely with clinical, technical, and commercial stakeholders to shape effective cybersecurity solutions. The individual must be able to achieve UK Security Clearance. Key Responsibilities Provide technical pre sales support across cybersecurity solutions and services for healthcare organisations Engage stakeholders to understand security challenges, risks, and operational pain points Deliver advisory guidance and recommendations to strengthen security posture and resilience Translate customer requirements into clear, outcome focused technical and commercial solution designs Act as a trusted technical advisor throughout the sales and early delivery lifecycle Produce clear technical documentation, recommendations, and customer facing materials suitable for regulated environments Collaborate closely with sales, delivery, and technical teams to align solutions with customer needs Experience and Skills Proven experience in technical pre sales or cybersecurity consultancy Experience working within healthcare or other highly regulated sectors Broad knowledge of cybersecurity technologies, managed services, and risk based approaches Strong communication skills with the ability to engage both technical and non technical stakeholders Confident operating in a client facing, consultative role UK based role with remote working Occasional travel for customer engagement as required
-
- Contract Technical Pre Sales Cyber Security Healthcare. SC clearance needed
- England
- Outside IR35
-
Contract Technical Pre Sales Cyber Security Healthcare Outside IR35 Contract | UK Remote | Healthcare Focus Existing SC clearance is required. Overview Seeking an experienced Technical Pre Sales Cybersecurity Consultant is required to deliver advisory and uplift services across complex healthcare organisations. This Outside IR35 contract operates on a consultancy basis, focused on improving security outcomes, addressing operational pain points, and supporting informed Cyber Security decisions. The role combines deep technical pre sales capability with consultative advisory delivery, working across clinical, technical, and commercial stakeholders to shape effective and proportionate cybersecurity solutions. Responsibilities Provide technical pre sales consultancy across cybersecurity solutions and services within healthcare environments Engage senior stakeholders to understand security challenges, risks, and operational pain points Deliver advisory guidance and uplift recommendations to improve security posture, resilience, and maturity Translate healthcare requirements into clear, outcome focused technical and commercial propositions Act as a trusted technical advisor throughout the pre sales and early engagement lifecycle Produce concise technical documentation, recommendations, and advisory outputs suitable for regulated healthcare settings Experience Strong background in technical pre sales or cybersecurity consultancy Experience working with healthcare or other highly regulated environments Broad understanding of cybersecurity technologies, managed services, and risk based security approaches Ability to communicate complex technical concepts to both technical and non technical audiences Comfortable operating independently in a client facing advisory role