Trustwave, a leading cybersecurity and managed security services provider, has recently released a comprehensive research report focused on actionable cybersecurity intelligence for the healthcare industry. The report, titled Cybersecurity in the Healthcare Industry: Actionable Intelligence for an Active Threat Landscape, sheds light on the unique cybersecurity risks faced by healthcare organizations and provides practical insights and mitigations to strengthen their defenses.
With cyber threats constantly evolving, healthcare organizations have become prime targets for malicious actors employing various attack vectors. Trustwave SpiderLabs, in their research, has documented the attack flow utilized by threat groups, revealing their tactics, techniques, and procedures. From phishing emails to exploiting known vulnerabilities and compromising third-party vendors, these persistent threats pose significant risks to the industry.
While the healthcare sector is not alone in facing an elevated threat landscape, the consequences of attacks in this sector can be particularly severe, even fatal. Adversaries are highly motivated by financial gains and continuously refine their techniques to surpass existing defenses. In fact, data from the Ponemon Institute shows that the average cost of a data breach in healthcare was $10.1 million in 2022, more than double the industry average of $4.4 million.
Kory Daniels, the Chief Information Security Officer of Trustwave, emphasized the importance of protecting the supply chain and maintaining business continuity in the healthcare sector. In addition to these considerations, healthcare cyber leaders also face unique challenges in safeguarding patient well-being, maintaining quality of care, and leveraging digital technologies. The Trustwave SpiderLabs report serves as a valuable resource for security leaders within the healthcare sector, providing a comprehensive view of the threats observed by the SpiderLabs team and offering specific mitigation strategies to bolster defenses.
The report analyzes threat groups and their methods throughout the attack cycle, from initial foothold through to exfiltration. It highlights methods such as leveraging valid access credentials, exploiting unsecured credentials, and utilizing Webshells. The report also identifies specific vulnerabilities that act as entry points for attackers, such as Apache Log4J (CVE-2021-44228) and Spring Core RCE (CVE-2022-22965). Furthermore, the report highlights the high activity of prominent ransomware gangs like LockBit and ALPHV/BlackCat, who specifically target healthcare entities.
Trustwave SpiderLabs’ research provides healthcare organizations with valuable insights into the multitude of attack groups, malware variants, and techniques deployed against them. The report delves into emerging and prominent trends in the healthcare industry, cybersecurity challenges unique to healthcare, and prevalent threat actors and tactics operating within the healthcare sector.
To access the full Trustwave SpiderLabs threat report, Cybersecurity in the Healthcare Industry: Actionable Intelligence for an Active Threat Landscape, please visit their website.
Trustwave is a recognized global cyber defender that stops cyber threats every day. Their expertise lies in detecting threats that others cannot see, allowing them to respond quickly and protect their clients from the devastating impact of cyberattacks. Trustwave utilizes a world-class team of security consultants, threat hunters, and researchers, along with a market-leading security operations platform to identify and isolate threats with the right telemetry at the right time for an effective response.
Trustwave is a leader in managed detection and response (MDR), managed security services (MSS), consulting and professional services, database security, and email security. Their elite Trustwave SpiderLabs team provides award-winning threat research and intelligence, which is integrated into their services and products to fortify cyber resilience in the face of advanced threats.
