- The newest Echo Show 8 just hit its lowest price ever for Black Friday
- 기술 기업 노리는 북한의 가짜 IT 인력 캠페인··· 데이터 탈취도 주의해야
- 구글 클라우드, 구글 워크스페이스용 제미나이 사이드 패널에 한국어 지원 추가
- The best MagSafe accessories of 2024: Expert tested and reviewed
- Threads will show you more from accounts you follow now - like Bluesky already does
Phishing Top Threat to US Healthcare
New research by the Healthcare Information and Management Systems Society (HIMSS) has found phishing and ransomware attacks are the most significant security incidents impacting healthcare organizations of all types.
The finding emerged from the 2021 HIMSS Healthcare Cybersecurity Survey that questioned 167 healthcare cybersecurity professionals about security incidents their organizations had experienced in the past twelve months.
Nearly half (45%) said the most significant security breach they had experienced in the previous twelve months was a phishing attack, while a further 17% named ransomware as their worst aggressor.
Asked about the cause of their most significant breach, more than half (57%) said phishing was to blame. Negligent insider activity was named by 7% of respondents as the cause of the most significant security incident.
While email-based phishing attacks accounted for most (71%) of the significant security breaches, 27% had suffered a significant vishing (voice phishing) incident and 21% said they had been the victim of a significant smishing (SMS phishing) attack.
In 15% of attacks, the initial point of compromise occurred through social engineering. However, the most common route into an organization for attackers was phishing, which accounted for 71% of attacks.
Other key findings were that human error was the cause of 19% of data breaches. A further 15% of breaches were pinned on the use of legacy software that is no longer supported.
Asked about the impact of security breaches, 32% said breaches disrupted systems that impacted business operations. More than a quarter (26%) said security breaches disrupted IT systems, and 22% said security breaches resulted in data breaches or data leakage.
Fewer respondents (21%) said security breaches impacted clinical care, and only 17% said the most significant security incident resulted in financial loss.
HIMSS said: “The findings of the 2021 HIMSS Healthcare Cybersecurity Survey suggest that healthcare organizations still have significant challenges to overcome.
“These barriers to progress include tight security budgets, growing legacy footprints and the growing volume of cyber-attacks and compromises.”
The society said that while basic security controls have not been fully implemented at many organizations, “perhaps the largest vulnerability is the human factor.”