.
S21sec has published its Threat Landscape Report, which provides an overview of the most relevant threats of the first half of 2022. According to the study, which aims to analyze the main vulnerabilities and cyber risks in strategic sectors worldwide, the health sector is one of the most affected, with more than 88 confirmed cyberattacks during the first six months of the year.
Since the beginning of the pandemic, the health sector has positioned itself as one of the main targets of cybercriminals, demonstrating a high degree of exposure to cyberattacks. Among the top threats recorded during the first half of 2022, S21sec’s Threat Intelligence team detected an increase in ‘data breaches’ (information/data compromise or leakage) in hospitals and clinics, as well as the sale or auction of access to technological infrastructures in the health sector and also ransomware attacks on organizations in this sector.
A total of 50′ were identifieddata breaches’ during this period, a number that, according to experts, could actually be substantially higher because some clinics, hospitals and other organizations do not report or publish the incidents due to ignorance or fear of reputational damage, and because in some cases the hackers do not advertise abroad the sale of the stolen data.
According to this report, sales or auctions of access to hospital and clinic infrastructure (many of them access with elevated privileges or infrastructure administrators) increased in forums and chats on the Deep and Dark Web. During the first half of the year, a total of 33 sales or auction publications were recorded, without taking into account those carried out in private channels or forums with greater access restrictions.
“Health-related data has become quite valuable and attractive for sale by cybercriminals. The information is so valuable that we have observed auctions for the sale of information about hospitals in the United States, Canada, France and the United Kingdom with an initial bid price between 3,000 and 5,000 euros”.
Hugo Nunes, Threat Intelligence team leader at S21sec.
In addition to hospitals and clinics, there has also been an increase in cyberattacks on companies in the health industry, such as pharmaceutical and biotechnology companies, medical research organizations or medical platforms on the Internet, since information from these entities is also very profitable for cybercriminals.
“These attacks could have a huge impact both for organizations in the health sector and for the common person, as they can lead to great financial losses, disruption of medical services and the normal procedures followed by institutions and this can jeopardize the provision of health services. of the best possible service to the user or patient.“
Hugo Nunes, Threat Intelligence team leader at S21sec.
Among the attacks carried out during the first half of the year, the Ransomware attack on Centro Hospitalar de Setúbal, the attack suffered by Hospital Garcia de Orta in April (which triggered the activation of a contingency plan, limited the access to information and conditioned several medical acts) and the information leak at the Shields Health Care hospital in early June, which compromised data on more than 2 million patients.
“These attacks show that the health sector is still not sufficiently aware of the vital importance that cybersecurity has for the proper functioning of these organizations, and of the need for investments in resources (people, processes and technology) to increase resistance and resilience. to attacks developed against its infrastructures”.
Hugo Nunes, Threat Intelligence team leader at S21sec.
about the report
S21Sec developed the Threat Landscape Report with the aim of raising awareness among companies and organizations, as well as society in general, to the need to strengthen security and to the need for investments in systems and methodologies that protect society against cyber-attacks and cybercriminal threats.
Our Cyber Threat Intelligence Unit is made up of specialized analysts and engineers with knowledge of intelligence and by a counterintelligence team with access to privileged information and sources. We collaborate with Europol, FBI and police forces, we have S21sec’s proprietary technology and we are the only Iberian company listed as a contributor to the prestigious Verizon Cybersecurity Report.
Follow all the technological updates on TecheNet through telegram or Whatsapp. All the news in real time and without delays!
Other interesting articles:
.
