For HomeFor BusinessFor Partners
Business Insights
4 min read

Telehealth Now the Biggest Cyber-Threat to Healthcare, New Data Shows

Filip Truta

September 15, 2020

Telehealth Now the Biggest Cyber-Threat to Healthcare, New Data Shows
  • The adoption of telehealth vendors has significantly expanded healthcare providers' attack surface
  • Researchers find a noticeable increase in leaks from primary healthcare and telehealth companies on the dark web since February 2020
  • Threat actors use strains of ransomware that are uniquely tailored to take down healthcare IT infrastructures
  • Despite new risks from telehealth vendors, the healthcare sector has improved its security posture compared to 2019

While COVID-19 has proven the healthcare industry's overall resilience, it has also increased its cybersecurity risk. A new report indicates that the rapid adoption and onboarding of telehealth vendors has led to a significantly increased digital footprint and attack surface, leaving both provider and patient data at risk.

The term telehealth is used to refer to the distribution of health-related services and information via electronic information and telecommunication technologies. A brief from the U.S. Department of Health and Human Services reveals that number of telehealth primary care visits increased 350-fold from pre-pandemic levels at the height of the pandemic.

SecurityScorecard and DarkOwl jointly reviewed the 148 most-used telehealth vendors and found that these providers have experienced a nearly exponential increase in targeted attacks as popularity skyrocketed. Researchers uncovered:

  • 117% increase in IP reputation security alerts – malware infections, as part of successful phishing attempts and other attack vectors, ultimately cause IP reputation finding issues
  • 65% increase in patching cadence findings – the regularity of installing security patches; often one of the primary security policies that protect data
  • 56% increase in endpoint security findings – exploited vulnerabilities in endpoint security enable data theft
  • 16% increase in application security findings – patients connect with telehealth providers using web-based applications including structured and unstructured data
  • 42% increase in FTP issues – an inherently insecure network protocol
  • 27% increase in RDP issues – remote desktop protocol has seen increased usage since the widespread adoption of remote work

Researchers found a noticeable increase in leaks from primary healthcare and telehealth companies across the dark web since February 2020.

“There was evidence of prolific and emerging threat actors selling electronic patient healthcare data, malware toolkits that specifically target telehealth technologies, and strains of ransomware that are uniquely configured to take down healthcare IT infrastructure,” according to a joint press release from the two firms.

Despite new risks from telehealth vendors, the healthcare sector has improved its security posture compared to 2019, researchers said. The industry moved to 9th place out of 18 reviewed industries (up from 10th in 2019.

“This is heartening, especially as the industry has been overwhelmed by an influx of patients, limited resources, rationing, and other challenges due to COVID-19,” SecurityScorecard researchers said.

 

tags

Business Insights

Author

Filip Truta

Filip Truta

Filip is an experienced writer with over a decade of practice in the technology realm. He has covered a wide range of topics in such industries as gaming, software, hardware and cyber-security, and has worked in various B2B and B2C marketing roles. Filip currently serves as Information Security Analyst with Bitdefender.

View all posts

Right now Top posts

ShrinkLocker (+Decryptor): From Friend to Foe, and Back Again
Ransomware Threat Research Threat Intelligence

ShrinkLocker (+Decryptor): From Friend to Foe, and Back Again

November 13, 2024

Bitdefender Threat Debrief | November 2024
Enterprise Security Ransomware Bitdefender Threat Debrief

Bitdefender Threat Debrief | November 2024

November 07, 2024

5 Approaches to Counter a Cybercriminal’s Growing Arsenal
Enterprise Security Threat Research

5 Approaches to Counter a Cybercriminal’s Growing Arsenal

November 06, 2024

Bitdefender Threat Debrief | October 2024
Enterprise Security Ransomware Bitdefender Threat Debrief

Bitdefender Threat Debrief | October 2024

October 10, 2024

FOLLOW US ON SOCIAL MEDIA

SUBSCRIBE TO OUR NEWSLETTER

Don’t miss out on exclusive content and exciting announcements!

You might also like

Empowering MSP Workflows: Bitdefender’s New ConnectWise PSA Integration Update
Enterprise Security Endpoint Protection & Management

Empowering MSP Workflows: Bitdefender’s New ConnectWise PSA Integration Update
Bitdefender Enterprise

November 21, 2024

Security Advisory: Adversaries Abuse Microsoft Teams and Quick Assist
Enterprise Security Endpoint Detection and Response

Security Advisory: Adversaries Abuse Microsoft Teams and Quick Assist
Jade Brown and Nikki Salas

November 20, 2024

Balancing User Experience with Security: A New Frontier for CISOs in Minimizing Business Risk Exposure
Enterprise Security Endpoint Protection & Management Endpoint Detection and Response

Balancing User Experience with Security: A New Frontier for CISOs in Minimizing Business Risk Exposure
Daniel Daraban

November 19, 2024

Bookmarks

loader