Phishing attacks remains to be top security challenges for healthcare industry

The healthcare industry sustains to be particularly vulnerable to top security challenges, particularly phishing attacks that fool people into clicking malicious links or opening malicious documents.

That is among the findings in the IBM X-Force Threat Intelligence Index 2017, which the company just issued to observe the top security challenges confronted by its clients.

In healthcare industry, two common types of attacks—SQLi and OS CMDi—combined for almost half of all attacks in the health sector. Healthcare records, IBM researchers contend, remain a top prize for cyber criminals and are immensely available on the DarkWeb market, on which compromised business records and other materials are bought and sold.

Other huge attack methods targeting healthcare involve manipulation of data structures and manipulation of system resources. “These attacks concentrate on known vulnerabilities within an application which, when victorious, can lead to complete system compromise,” report writers contend.

On average, clients monitored by IBM experienced 93 security tragedies during the year of 2016, a 48% drop from 2015. Although, that might not indicate a safer threat environment, the vendor asserts. “The reduction in attacks could mean attackers are depending more and more on proven attacks, hence requiring fewer attempts. Furthermore, the combination of massive record leaks and a record year of vulnerability disclosures also paint a different picture.”

“One positive development during the year of 2016 is that several companies now are using more secure hashing functions such as bycrypt to store passwords,” in accordance to IBM. This means that even after a breach, passwords might be more complex to crack.

The top types of attacks for monitored security clients in the year of 2016 were injection of malicious data (experienced by 42% of its clients), manipulation of data structures to gain unauthorized access (32%) and collection/analysis of information (9%). The complete IBM report is available here.