S21sec has published its Threat Landscape Report, which provides an overview of the most relevant threats of the first half of 2022. According to the study, which aims to analyze the main vulnerabilities and cyber risks in strategic sectors worldwide, the health sector is one of the most affected, with more than 88 cyberattacks confirmed during the first six months of the year. Since the beginning of the pandemic, the health sector has positioned itself as one of the main targets of cybercriminals, demonstrating a high degree of exposure to cyberattacks. Among the top threats recorded during the first half of 2022, S21sec's Threat Intelligence team detected an increase in 'data breaches' in hospitals and clinics, as well as the sale or auction of access to technological infrastructures in the health sector and also ransomware attacks on organizations in this sector. A total of 50 'data breaches' were identified in this period, a number that, according to experts, could actually be substantially higher because some clinics, hospitals and other organizations do not report or publish the incidents due to ignorance or fear of reputational damage, and because in some cases hackers do not advertise abroad the sale of the stolen data. According to this report, sales or auctions of access to hospital and clinic infrastructure (many of them access with elevated privileges or infrastructure administrators) increased in forums and chats on the Deep and Dark Web. During the first half of the year, a total of 33 sales or auction publications were recorded, without taking into account those carried out in private channels or forums with greater access restrictions.
“Health-related data has become quite valuable and attractive for sale by cybercriminals. The information is so valuable that we have observed auctions for the sale of information on hospitals in the United States, Canada, France and the United Kingdom with an initial bid price between 3,000 and 5,000 euros”. Hugo Nunes, Threat Intelligence team leader at S21sec.
In addition to hospitals and clinics, there has also been an increase in cyberattacks on companies in the health industry, such as pharmaceutical and biotechnology companies, medical research organizations or medical platforms on the Internet, since information from these entities is also very profitable for cybercriminals.
“These attacks could have a huge impact both for organizations in the health sector and for the common person, as they can lead to great financial losses, disruption of medical services and the normal procedures followed by institutions and this can jeopardize the provision of the best possible service to the user or patient.“
Hugo Nunes, Threat Intelligence team leader at S21sec.
Among the attacks carried out during the first half of the year, the Ransomware attack on Centro Hospitalar de Setúbal, the attack suffered by Hospital Garcia de Orta in April (which triggered the activation of a contingency plan, limited the access to information and conditioned several medical acts) and the information leak at the Shields Health Care hospital in early June, which compromised data on more than 2 million patients.
“These attacks show that the health sector is still not sufficiently aware of the vital importance that cybersecurity has for the proper functioning of these organizations, and of the need for investments in resources (people, processes and technology) that allow increase resistance and resilience to attacks developed against its infrastructures”.Hugo Nunes, Threat Intelligence team leader at S21sec.
About the report
S21Sec developed the Threat Landscape Report with the aim of raising awareness among companies and organizations, as well as society in general, to the need to strengthen security and to the need for investments in systems and methodologies that protect society against cyber-attacks and cybercriminal threats. Our Cyber Threat Intelligence Unit is made up of expert analysts and engineers with intelligence knowledge and a counterintelligence team with access to information and privileged sources. We collaborate with Europol, FBI and police forces, we have S21sec's proprietary technology and we are the only Iberian company listed as a contributor to the prestigious Verizon Cybersecurity Report. Follow all the technological news on TecheNet throughTelegram or WhatsApp. All the news in real time and without delays!Other interesting articles:
Protection against hackers: is an Antivirus the best solution? Android & iOS: 21 paid apps are free for a limited time! The most powerful folding smartphone is not from Xiaomi or Samsung!
