![]() Data smuggler activity has largely increased, which can occur when patient medical records are transferred to cloud storage.įrom January-May 2020, the Vectra Cognito® Network Detection and Response (NDR) platform detected and correlated behaviors consistent with attacker behaviors in host devices, assigned a threat-severity score, and prioritized the highest-risk threats to healthcare.Smash-and grab behaviors have increased significantly, which can occur with a medical device that instantly sends large volumes of data to a hosted cloud site.Europe, the Middle East, and Africa (EMEA) and North America have shown an increase in the volume of external data movement, known as exfiltration.The doubling of data exfiltration behaviors, which indicates data leaving internal healthcare networks to external destinations like cloud services.A 38 percent increase in command-and-control behaviors from January-May 2020, which indicates remote access of internal systems by the remote workforce.Upon closer examination, these behaviors were found to be from cloud migration activities, and not attackers. Vectra investigated network behaviors that are consistent with threats across the entire cyberattack lifecycle – botnet monetization, command and control, internal reconnaissance, lateral movement, and data exfiltration. Highlights from the Vectra 2020 Spotlight Report on Healthcare To do so requires pan-organizational cooperation among IT and security teams as well as visibility that integrates the cloud and the on-premises infrastructure to enable a truly comprehensive threat detection and response capability. Security teams must now urgently grapple with where healthcare data resides and how to safeguard it. “That growth is most likely due to how the NHS has traditionally worked in siloed data centers behind a firewall and has now shifted to the COVID-19 world of cloud-based collaboration.” “This year we observed a stark and sudden growth in data movement outside of our organization’s traditional boundaries,” said David Willis, head of cyber, governance and assurance at the Greater Manchester Health and Social Care Partnership, National Health Service, in the United Kingdom. This trend will persist well after the pandemic.” ![]() This is especially true when cloud adoption happens faster than proper due diligence can be applied by information security personnel. “While cloud computing better optimizes the use of resources in healthcare, it also creates significant risks. “Healthcare providers have been tasked with quickly leveraging remote access and cloud analytics to scale their operations,” said Chris Morales, head of security analytics at Vectra. However, healthcare has suffered the most sudden and rapid pivot to support overwhelmed infrastructure and increased collaboration using the same strapped IT and security resources. The COVID-19 pandemic has sparked the global adoption of cloud services across all industries. The latest Spotlight Report on Healthcare is based on observations and data from January-May of this year using a sample of 363 opt-in enterprise organizations in healthcare and eight other industries. SAN JOSE, Calif., JVectra® AI, a leader in network threat detection and response (NDR), today released its 2020 Spotlight Report on Healthcare, which shows an upward trend in exploitable behaviors and discredits claims that external threats would lead to increased internal threat activity.
0 Comments
Leave a Reply. |