Analecta Cyber Company Blog: How DDoS Attack Increase May Affect Healthcare Cybersecurity

2016-05-24

How DDoS Attack Increase May Affect Healthcare Cybersecurity

An increase in DDoS Attack may affect healthcare cybersecurity. In the last quarter of 2015, reports showed an increase of DDoS attacks by 40%. As a healthcare provider, you need to understand how web application & DDoS of attacks could affect the entire healthcare industry.
A Distributed Denial of Service (DDoS) is a special type of cyber attack that overloads a system. Hackers use a myriad of connections to crush an organization’s system. These attacks aren't easily stopped by blocking an IP address since hackers are often using a large network of zombie systems (a bot net) to create this number of connections simultaneously. Traditional approaches to stopping a Denial of Service (DoS) attack are simply ineffective.

For the healthcare industry, two common targets that are especially damaging are email servers and electronic Health Records (eHR) platforms. Healthcare providers could be denied access to critical information and patient data. There's also a risk that these attacks could expose or accidentally release Patient Health Information (PHI).

In recent DDoS attacks, hackers used specialized tools to stress unsecured devices in healthcare networks. Since these attacks are based on infected bots, the attack ends when the healthcare provider successfully mitigated the attack, when the bot net was taken down or when the malicious actor decided to end the attack. Researchers found that on average there are 24 attacks per customer, a 30% increase from prior periods.

Although the healthcare industry is not the most affected by Web Application attacks, the attacks still constitute a significant risk to eHRs and other healthcare provider data systems. DDoS attacks could continue to increase as eHR data is a valuable target for hackers, worth 10x the value of a credit card or other finance data record.