Cyber-attacks recorded towards the healthcare industry have surged last December since the first batch distribution of covid19 vaccines started. The noticeable 51% increase in cyber-attacks from the previous month suggests that interested parties’ volume to exfiltrate covid19 related data is highly priced among threat actors and APT groups.
Based on the reported data for December 2020, there is a large increase in four specific cyber-attack types:
- Detected cross-site scripting (XSS) had a 43% increase
- SQL injection attacks had a 44% increase
- Protocol manipulation hack attacks had a 76% increase
- And remote code execution (RCE) had 68% detected increase
Based on the volume of the cyber-attacks, cross-site scripting and SQL injection represent the most threat. This year has been unparalleled as global healthcare industries and organizations are experiencing an average of 187 million attacks per month, which amounts to about 500 cyber-attacks per organization each month. Among the top countries targeted last year are the US, UK, Canada and Brazil.
As with many different sectors upgrading their systems for online transactions, healthcare organizations have transformed their systems and processes digitally to help adapt and survive through a phenomenal year. However, it is due to their reliance on third-party applications to save costs, and time may have also exposed them to dangerous threats.
We are aware that there are business advantages to using third-party applications and services. Still, some risks include the schedule of vendor patch releases and zero-day vulnerability being discovered from time to time that can be exploited by threat actors.
Relying on JS APIs and third-party apps create a threat landscape that is more complex and automated cybersecurity risks that are gradually becoming challenging for cybersecurity defence detection and response systems.
While various ransomware is the common attacks in healthcare organizations, only the vulnerable front-end third-party applications experience the volume of daily cyber-attacks listed above.
There may be a despicable surprise waiting for healthcare organizations during the start of 2021 as the impact of December attacks become clear, cybersecurity experts saw a 43% growth in data leak cases.