Attacks on web applications targeting the healthcare industry have risen 51% since COVID-19 vaccines were introduced, according to cybersecurity firm Imperva. The rise in cyberattacks was seen when vaccines were released between November and December 2020.
On the contrary, the research indicates that, as the volume of attacks increased, the number of violations decreased. The researcher posited that as healthcare organizations spent more time supporting remote work, other areas such as threat investigation, incident response, and incident analysis were adversely affected. Researchers warned of more cyberattacks targeting the healthcare industry in 2021.
Four categories of web application attacks increased after the launch of COVID-19 vaccines
Imperva researchers noted that four types of web application attacks skyrocketed after the introduction of COVID-19 vaccines.
Protocol tampering attacks increased by 76%, while Remote Code Execution (RCE) increased by 68% from November to December 2020 when COVID-19 vaccines were released. SQL injection (SQLi) increased by 44%, while cross-site scripting (XSS) experienced an increase of 43%.
Healthcare organizations experienced 187 million attacks monthly, with SQL injection and cross-site scripting attacks the most detected by volume.
Each healthcare organization experienced approximately 498 attacks monthly, representing a 10% year-on-year increase. The top target countries in the world were the United States, Brazil, the United Kingdom, and Canada.
The new research indicates that while ransomware attacks receive the most publicity, attacks on web applications were the most frequent.
Notable attacks include the theft of Pfizer COVID-19 vaccine data that took place in December 2020. Data was illegally accessed from the servers of the European Medicines Agency (EMA).
The leak was discovered by the EMA and police after the stolen data appeared on clandestine hacking forums on December 31, 2020. The attack was one of similar incidents collectively described as a “global phishing campaign” targeting organizations. developing COVID-19 vaccines.
On March 14, 2020, Hammersmith Medicines Research was hit by a maze ransomware attack, receiving massive publicity. The incident took place four days before the threat actor promised to stop targeting health systems. However, they continued to demand a ransom from the research center, even leaking data online to coerce the payment.
Increased adoption of IT for healthcare broadens the landscape of attacks
The report noted that the adoption of information technology in the healthcare industry increased rapidly during the pandemic.
“By some estimates, what would normally take 10 years to achieve now will be done in three years,” the report said.
Growth was associated with reliance on third-party applications rather than developing in-house solutions. While the adoption of third-party applications had some benefits for organizations, the reliance on third-party applications opened up a new threat landscape that predisposed organizations to various web application attacks.
For example, patching critical vulnerabilities in third-party applications can only be done according to the vendor’s schedule.
Similarly, the vulnerabilities that affect popular third-party applications are widely known. Threat actors also frequently conduct zero-day investigations on the most used third-party health applications to discover new vulnerabilities.
Imperva suggested that more violations would be reported in 2021, including those that were initially ignored. Coincidentally, there was a 43% increase in data breaches within the first three days of 2021.
“Healthcare took a hit in 2020, and it looks like 2021 will bring more of the same,” says Saryu Nayyar, CEO of Gurucul. “The COVID-19 pandemic changed the way we work, with a massive shift to remote work for those who can, and that brought new cybersecurity challenges as organizations improved their security to deal with new threats.” .
“This was a particular challenge for the healthcare industry, which had the added challenge of an unprecedented number of patients straining their resources and leaving few cycles to deal with cyber threats.”
Healthcare organizations must keep up with evolving threats
Imperva advises healthcare organizations to undertake various mitigation efforts to defend against different forms of web application attacks as the threat landscape evolves and expands.
Organizations should invest in data and application security solutions that offer multi-layered protections to secure data in transit. This is necessary as the data resides on multiple platforms and is served through various APIs.
Healthcare organizations must also move away from point solutions and engage partners with integrated platforms that protect “against major attacks and optimize web performance, helping the organization to operate more efficiently and securely,” the report stated.
Imperva also reminds healthcare organizations striving for regulatory compliance, adding that “most privacy and data security regulations require healthcare providers and payers to demonstrate monitoring and access controls for all access to confidential patient medical information “.
Commenting on the rise in web application attacks since the introduction of COVID-19 vaccines, Chloé Messdaghi, chief strategist at Point3 Security, says that health care has always been the target of cybercriminals because health data is very valuable.
She suspects that threat actors worked on behalf of their countries or clients to steal COVID-19 vaccine test and treatment data.
“When attackers gain access to healthcare data, they often collect intellectual property information: how a vaccine was created, other drugs or a treatment plan, how effective the measure was, who it might have been tested on,” says Messdaghi . “In this current pandemic, threat actors are likely working on behalf of other nations or competitors trying to develop vaccines themselves.”
Since the introduction of COVID19 vaccines, web application attacks on #healthcare increased by 51%, with the United States, Brazil, the United Kingdom and Canada being the hardest hit. #cybersecurity #respectdata
It adds that the urgency surrounding COVID-19 vaccines would force affected organizations to pay the ransom to avoid disruptions. On a positive note, Messdaghi says increased healthcare cyber attacks would help the sector improve its cybersecurity defenses.