Healthcare Heartbeat Quarterly Threat Report Q3 2020
Introduction
Health-ISAC and Perch Security have created a joint report covering the top cyber threat trends that the healthcare sector faces. The purpose of this report is to share some of the threats and attack trends across the healthcare industry that Perch Security, in collaboration with HealthISAC, have observed over the last quarter. Health-ISAC member products and services are both augmented and supported by trusted intelligence partner relationships. The Perch/ Health-ISAC relationship is unique in that analysts from both Perch and Health-ISAC exchange timely relevant threat intelligence collected and secured within Health-ISAC’s Threat Operations Center (TOC) in Titusville, FL. This unique relationship creates opportunities to collaborate on threats facing the healthcare sector supported with real-time sensor flow of network security data to provide critical insights to member organizations.
Download a pdf of this threat brief here:
Executive Summary
The third quarter of 2020 saw continued growth in cyberattacks against healthcare organizations across the globe. The remote workforce brought on by COVID-19 has created a unique set of challenges for information security providers and high-value targets for threat actors. The unfortunate resurgence of Emotet has been a continuous source of pain and initial access into organizations across the world. Further, ransomware damages and related disruptions to patient care is the number one issue facing the healthcare sector. As always, the goal of Health-ISAC is to serve our membership as effectively as possible to ensure patient care goes unaffected in continually difficult times. This Threat Report serves to provide guidance and information regarding these key threats.
Threat and Attack Trends for Q3 2020 — Foreword from H-ISAC
Pharmaceutical firms continue crucial research and development to develop COVID-19 vaccines and treatments. Healthcare providers care for patients infected with the virus. The global healthcare sector proceeds with their respective missions. These global healthcare sector businesses perform their crucial missions while cyber threats like ransomware worsen. The Perch and Health-ISAC partnership is so valuable, in my opinion, because reports like this bring quantitative and qualitative reality to life. We’re not just guessing these threats exist. We know it because we see it in Perch’s reporting – and we see specifically impacting Perch’s healthcare clients. I encourage healthcare firms to learn from the threats discussed here, use it to explain the sector threats to your senior leadership, hopefully get more resources and implement the recommendations detailed here.
Errol Weiss, CSO
Foreword from Perch Security
“Perch Security provides threat detection and response services for thousands of organizations around the world, and as such, our primary focus is knowing what it takes to keep systems and users safe. The threats we see today are numerous and growing, but one thing that has not changed is the success of phishing. The biggest threat we have observed to our customer’s networks is ransomware, with environments commonly compromised through phishing. New vulnerabilities such as ZeroLogon have also emerged, giving attackers a strong path for privilege escalation after a successful phish.”
Taylor Green, SOC Director
Please download full report on the link above.
- Related Resources & News
- 2024 Newsletter – November
- How Healthcare Facilities Can Prepare for All Types of Emergencies
- Health-ISAC Hacking Healthcare 10-24-2024
- UnHack (the Podcast): Generating Cyber Resilience Through Collaboration with Errol Weiss
- Newfangled and Fastest-Growing Phishing Cyberattacks: Updated Guide for Healthcare Leaders
- Health-ISAC Hacking Healthcare 10-15-2024
- Health-ISAC Welcomes Booz Allen Hamilton to the Ambassador Program
- Health-ISAC Hacking Healthcare 10-9-2024
- Monthly Newsletter – October 2024
- Health ISAC leads effort to transform SBOM information sharing under CISA-facilitated community work