By Bill Minahan | July 2, 2019 | 0 Comments
People assume the most likely and frequent targets of financially motivated cyber attacks are banks, hedge funds, and financial services. However, data shows this isn’t true. In fact, cyber attacks on companies are more likely to threaten traditional and long-established businesses outside of the financial sector.
The industries attacked the most are healthcare providers and manufacturing organizations. Many players in these industries utilize and reap the benefits of modern technology without investing in sophisticated cyber security prevention and solutions.
Therefore, cyber attacks on these companies are frequent and damaging.
Organizations increasingly rely on technology to ensure their operations run smoothly, and in doing so, have created a plethora of new attack surfaces without defense.
The healthcare sector had two massive data breaches last month alone. Hackers exposed the private and financial information of roughly 19.6 million patients. Attacks like these highlight the extreme vulnerabilities that plague outdated hospital systems and how easily cyber criminals exploit them. Hospital systems are a gold mine for hackers because they host high volumes of private patient information (PII), which can be sold on the dark web.
Healthcare providers and hospitals are one of the easiest networks to break into. It’s an extremely lucrative payout for hackers who steal massive amounts of private data from healthcare companies. Your medical record is worth 10X more than your credit card number on the black market, according to one estimate.
The real answer: any way they can.
However, one weapon has recently raised the most concern: ransomware. Ransomware is the fastest growing cyber crime and it hit the healthcare industry especially hard.
Ransomware infects your computer and restricts your access to files unless a sum of money is paid. This is especially troubling for hospitals. Doctors and hospital staff can’t access patient records they depend on for treatment during attacks.
In January 2018, Hancock Health paid $55,000 to unlock their systems after a ransomware attack. The hackers were based in Eastern Europe and gained access through a third-party vendor—a tactic that’s becoming more common and creates a high risk for cyber-attacks.
In February 2016, a California medical center paid $17,000 in ransom to regain control of its computer system from hackers. Attacks on healthcare corporations are predicted to increase 5X by 2021, according to the Herjavec Group’s 2019 Official Annual Cybercrime Report.
In 2017, a strand of ransomware infected dozens of organizations across 99 countries. Most notable was the NHS in the UK that plunged into chaos following the attack. There, hospitals hit by the attack were forced to shut off all online systems to protect their data. During this time, hospitals couldn’t answer calls, cancelled scheduled appointments, and delayed surgeries. This attack was one of the largest, most coordinated, and aggressive, ransomware attacks to date.
Unfortunately, these attacks cost the healthcare industry millions of dollars in reputation damage, financial losses, and lawyer fees from the class action lawsuits that are all but guaranteed after a data breach.
However, healthcare isn’t the only vulnerable industry. The manufacturing industry comes in at number 2 for most at risk of cyber security threats.
Cyber attacks on companies pose a high risk because they’ve modernized without investing in enough IT management and cyber security solutions. Businesses increasingly rely on modern technology, yet their outdated systems fail to defend them from prevalent threats online. They don’t use the latest security features and often rely on aging computer systems.
Cyber criminals exploit the vulnerabilities of businesses, often in order to gain access to larger and more lucrative companies. According to Robert Herjavec, CEO of Herjavec Group, “this dramatic rise (in damage costs) only reinforces the sharp increase in the number of organizations unprepared for a cyber attack.”
The answer isn’t to take a step back from technology and halt innovation. Modern technology allows businesses to expand and connect with people around the world. In fact, a strong online presence is an essential part of success for most businesses today. However, with these benefits comes a myriad of new risks that have and will continue to put companies out of business.
The answer is awareness. Too many companies only feel the weight of the threat after they’ve been attacked. Proactively defend your business, educate and train your employees, and introduce sophisticated cyber security prevention.