Health data particularly attracts criminals
A recent IT security report from IBM lists the biggest cyber threats of the past year. It shows that cyberattacks on the healthcare industry have reached unprecedented levels and will continue to keep affected organizations on their toes. Cyber threats from insiders - often employees or contractors within companies - also continued to grow in 2015.
"In 2014, the healthcare sector was not even in the top five on our ranking of the most frequently attacked industries," says Gerd Rademann, Business Unit Executive, IBM Security Systems DACH. "That changed rapidly during 2015 - today, for tangible reasons, the healthcare industry is the most popular target of cybercriminals, ahead of manufacturing and finance."
The hunt for patient data is on
Patient records, for example, are now a hot commodity on the Internet black market. The reason for this is the shelf life of this loot: a credit card number can be easily changed, but patient records store unique personal information, such as date of birth, social security numbers, or even medical diagnoses. Based on this loot, cybercriminals also like to commit other crimes, such as identity theft or extortion.
The enemy in our own ranks
Social media, the cloud and big data, not to mention the increased use of smartphones and tablets in companies are creating more and more attack surfaces if they are inadequately secured: According to IBM, 60 percent of cyberattacks in 2015 came from within the ranks of the affected organizations (2014: 55%). Attackers are, for example, disgruntled ex-employees who still have passwords or even set up access before they leave the company.
These insiders with motive accounted for nearly half - 44.5 percent - of all attacks in 2015 (2014: 31.5%). Careless or manipulated users were responsible for 15.5 percent of attacks (2014: 23.5%). Outsiders accounted for less than half of all attacks, exactly 40 percent (2014: 45%).
64 percent more security incidents
The IBM Index concludes that serious security incidents have increased at the organizations analyzed: IBM security experts discovered a total of 178 so-called "security incidents" in 2015, up from 109 in 2014 - a 64 percent increase. Security incidents are cyber attacks or incidents that cannot be attributed to the usual noise of thousands of annual threats, but are so serious that the analysts have to take a closer look at them.
Read more about the results of the IBM Cyber Security Intelligence Index 2015: http://ibm.co/1SZ3Dyy
