Risks and Side Effects of Missing Security Measures

Risks and Side Effects of Missing Security Measures

Recent study by Mimecast highlights level of security threats in healthcare.

Cyberattacks in the healthcare sector can have serious consequences. Victims face more than reputational or monetary losses: in the worst cases, healthcare suffers. According to Mimecast’s latest State of Email Security Report, 71 percent of German healthcare organizations surveyed noticed an increase in threatening emails over the past year.

Healthcare is an extremely lucrative target for hackers: On the one hand, the IT infrastructure in many hospitals and healthcare facilities is outdated and the security budget is often rather tight. On the other hand, a large amount of sensitive, personal data is generated and processed within this sector – a real goldmine for hackers.

Risk of careless employees

 

Ransomware attacks in healthcare are able to lock down systems that have an impact on human life – for example, medical devices that monitor patient conditions. They can also encrypt access to important patient data. The September 2022 attack on Munich-based Caritas is just one example. The organization expects significant disruptions that will last well over a week. It is all the more concerning that two-thirds of the organizations surveyed in the study experienced a disruption to their business operations in the wake of a ransomware attack last year. The average downtime was 5.7 days.

But ransomware isn’t the only thing wreaking havoc in the healthcare sector. 63 percent of respondents noted an increase in phishing, and about half said they have seen corporate brand misuse through spoofing emails. However, only 42 percent have an email security system that detects malware or infected links. However, employees’ own careless actions are still considered the main gateway. 84 percent of respondents believe it is likely that employees are making a serious security mistake in their personal handling of e-mail.