Dive Brief:
- A third of healthcare organization employees who have experienced a ransomware attack said it was not the first time their organization had been victimized, according to a new Kaspersky Lab report.
- The cybersecurity firm commissioned Opinion Matters to survey 1,758 employees of U.S. and Canadian healthcare organizations. Among those reporting ransomware attacks, more than 80% admitted knowledge of up to four such attacks. In fact, 78% of U.S. respondents and 85% of Canadian ones said their organization had experienced up to five attacks.
- Among health IT employees, 27% said their organization had experienced a ransomware attack within the past year.
Dive Insight:
Cybercriminals see a potential treasure trove in personal health data and have stepped up malware and ransomware attacks in recent years to access it, disrupting services and threatening to sell information on the darknet. The May 2017 WannaCry ransomware attack froze computers at hospitals in the United Kingdom and affected businesses in 104 countries worldwide. Not far behind was another virus, a strain of Petya, which spread across Europe before hitting U.S. targets.
According to HHS, more than 110 hacking and IT-related incidents affecting 500 or more people have occurred in U.S. healthcare organizations this year. A Proteus analysis put the number of patient records breached in the third quarter of 2018 alone at more than 4.4 million.
"Healthcare companies have become a major target for cybercriminals due to the successes they'd had, and repeatedly have, in attacking these businesses," Rob Cataldo, vice president of enterprise sales at Kaspersky Lab, said in a statement. "As organizations look to improve their cybersecurity strategies to justify employee confidence, they must examine their approach. Business leaders and IT personnel need to work together to create a balance of training, education, and security solutions strong enough to manage the risk."
When it comes to preventing cyberattacks, organization size can make a difference. Nearly eight in 10 employees at large enterprises and three-fourths of those at small to medium businesses said they would report a suspicious email to their company's IT teams, compared with 57% of workers in very small businesses.
Roughly a fourth of all respondents expressed confidence in their employer's cybersecurity strategy, but just 14% believe their organization has adequate cyber controls for connected medical devices and 11% said better security was needed for when employees work remotely.
Employees' top reason for wanting cybersecurity measures is to protect patients (71%), followed by protecting organizations and employees (60%) and job security in the event of a cyber incident (31%).