Healthcare suffered more from cyberattacks than other industries during the pandemic. The cost per attack rose by 12% in the healthcare sector, which is the highest across all industries; Healthcare is also the industry most likely to suffer from other non-monetary damage, such as: B. application downtime.
A new study by EfficientIP and the International Data Corporation (IDC) shows that the healthcare industry experienced the devastating effects of DNS attacks far more than any other industry during the COVID-19 pandemic. The results show that the average cost per attack in the healthcare sector rose to 707.357 euros, which is an increase of 12% over the previous year and represents the strongest increase of any industry.
Healthcare more vulnerable to negative consequences
The results also show that healthcare is more vulnerable to more negative consequences from attacks than other industries: 53% of healthcare companies surveyed say they are affected by application failures. Healthcare also recorded the highest number of compromised websites with 44% and reputational damage with 31%. Especially in times when the healthcare industry is already struggling with additional burdens in connection with the pandemic, the failure of apps and services or cloud access can have serious consequences for patients and providers.
Other negative impacts include cloud service downtime (46%), lost business (34%) and customer data theft (23%) - an increase of 13% over the last year. Customer information is particularly sensitive in the healthcare sector, which makes it an attractive destination - especially at a time when the industry is under great pressure.
EfficientIP & IDC study prove the numbers
“We all knew that the healthcare industry would be a prime target for cyberattacks during the pandemic,” says Ronan David, VP of Strategy at EfficientIP, “But it's really impressive - and useful - to see the data in black and white. Impressive because we finally have a clear quantitative picture, and useful because we can see where EfficientIP can help healthcare companies better protect themselves from attacks.”
Healthcare experienced an average of 12 DNS attacks over a 6,71 month period, slightly below the industry average of 7,61. It took an average of 6,81 hours to defend against each attack, which is above the industry average of 5,62 hours.
Phishing attacks on top spot
The healthcare industry experienced far more DNS attacks than other industries during the COVID-19 pandemic (Image: efficentIP).
Phishing is the most common type of DNS attack in healthcare, as in many other industries; 49% of the healthcare companies surveyed experienced a phishing attack, which is the cross-industry average. DNS-based malware is also very common in healthcare with 36%, as is DNS tunneling with 29% and DNS domain hijacking with 28%. Compared to the industry average, there were relatively few DDoS attacks in the healthcare sector (the industry average is 29%, the average in the healthcare sector is 19%). The consequences of attacks on healthcare infrastructure can be severe and have a direct impact on patient care.
This makes defense strategies all the more important. To protect themselves, healthcare companies rely on both zero trust and better DNS security. The Threat Report shows that healthcare plans, implements, or operates more zero-trust initiatives than other industries (79%, compared to an industry average of 75%) and is most convinced that DNS domain deny-and -Allow lists for Zero Trust are very helpful in protecting their networks (82% versus 79%).
DNS security as an important building block
Like many other industries, the healthcare sector sees DNS security as critical to protecting a decentralized workforce (54% of healthcare companies surveyed agreed with this statement). A full 78% said DNS security is an important part of their network architecture. 27% of healthcare organizations also believe that better monitoring and analysis of DNS traffic could help prevent data theft.
For more information on the impact of DNS attacks on the healthcare sector and how organizations can step up their response, see the full report. The 2021 Global DNS Threat Report is available online.
More at EfficientIP.com
EfficientIP
EfficientIP is a network automation and security company specializing in DNS-DHCP-IPAM (DDI) solutions. The aim of EfficientIP is to support companies worldwide in increasing their business efficiency by providing an agile, secure and reliable infrastructure. Integrated solutions enable IP communication and simplify network management through end-to-end visibility and intelligent automation, while patented technology secures DNS services to protect data and ensure access to applications. Companies in all industries rely on EfficientIP to master the challenges of central IT initiatives such as cloud applications and mobility.