Log in
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Dynamic quotes 


SummaryMost relevantAll NewsAnalyst Reco.Other languagesPress ReleasesOfficial PublicationsSector news

Healthcare Sector: An Enticing Target for Cyberattackers

05/11/2021 | 02:40pm EDT
May 11th, 2021

RSS Feed

Cybercriminals are the ultimate opportunists-if it is important to you, it is important to them. With that in mind, it's easy to understand why cyberattacks have risen in the healthcare sector over the past year. As the most recent NETSCOUT Threat Intelligence Report noted, vital pandemic industries such as healthcare experienced increased attention from malicious actors, while the global Lazarus Bear Armada (LBA) distributed denial-of-service (DDoS) extortion campaign that began in September 2020 expanded to include healthcare providers. Several factors contribute to making healthcare facilities vulnerable to cyberattack, but the main factor is lack of expertise in IT security.

The digital transformation that has happened in the healthcare industry over the last 10 years has been nothing short of remarkable. However, with this new digital world comes complexity and risk, leaving healthcare providers in an alarming position to cope with a new set of challenges.

Healthcare Network Vulnerabilities

In the healthcare industry, most investments are made in medical equipment and technology, not in cybersecurity solutions. Moreover, the emphasis in hiring is placed on doctors, nurses, and researchers, not on cybersecurity experts. Many healthcare organizations (especially smaller hospitals) do not have staff and often lack the resources to proactively address cybersecurity. Unpatched versions of Microsoft Windows vulnerable to compromise may exist in these healthcare facilities, for example. Basic cybersecurity knowledge and hygiene such as knowing how to recognize phishing emails, not clicking on unknown malicious URLs, updating passwords on a regular basis, continuously backing up systems, and encrypting confidential data fall by the wayside, posing major risks to these organizations.

Healthcare Is the New Sweet Spot for Bad Actors

Bad actors keep refining their approaches to cyberattacks at a rapid rate, making it challenging for healthcare IT to get ahead of types and approaches of new attacks. For one, the value of medical records is growing on the black market. According to Experian, a provider of information services, a single patient health record could sell for around $1,000. These records include social security numbers, medications, and credit card information, making large-scale attacks worth millions.

Secondly, DDoS and ransomware attacks against healthcare organizations are a common occurrence. Launching a DDoS attack has never been easier: The availability of DIY attack tools or very inexpensive (i.e., $5/hour) DDoS-for-hire services enables anyone to execute an attack. On the ransomware side, interested parties can easily access affiliate programs to buy multiple ransomware malware families, each with publicly available source code. There is even an ample supply of online tutorials and how-to guides to teach the bad actors how to use these new purchases. Both DDoS and ransomware attackers are motivated by money and prey on unprepared targets. That is, ransomware attackers are hoping their victim does not have proper data backup/restoration or network segmentation plans in place, whereas DDoS attackers rely on the victim's lack of adequate DDoS protection.

Remedy: Visibility for Proper Cybersecurity

Security and IT operations teams must work together and share solutions to support the organization's network performance and security efforts. The teams work best when they rely on a common set data derived from a comprehensive monitoring platform. This type of shared architecture also promotes increased collaboration between security and operations teams, thus ensuring a stronger security posture. It also leads to greater cost savings and operational efficiencies, especially welcome in healthcare organizations with lean IT departments. Most importantly, however, it provides a vital multidimensional architectural concept of visibility that combines comprehensive internal/local network visibility with external/global threat intelligence.

The first dimension of visibility is breadth. This encompasses the entire network and the entire globe-including hybrid cloud environments and providing visibility into traffic traversing both north-south and east-west directions. The ability to visualize end-to-end conversations within or across hybrid cloud environments is one of the biggest challenges healthcare organizations face today. Visibility is the foundation for comprehensive and effective network and application performance analysis and cybersecurity. Without it, network teams run the risk of not knowing what's causing network or application slowdowns or failure. Security teams run the risk of missing cyberthreats that can severely impact the organization.

The next dimension in visibility is depth. Deriving key metadata and ultimately packets from the monitored network traffic provides a level of context and insight that can inform network performance and/or security use cases. The volume and variety of this data can prove overwhelming though. Generating a higher, more valuable level of data that provides greater insight is a critical step.

This depth of data provides better insight into issues and helps network and security teams determine whether or not they are seeing something about which they should be concerned. For instance, if they notice a critical database server is receiving messages from a location that should not be communicating with it, or if they notice an increasing number of error messages or slowdowns in communication to the back end, then that needs to be closely monitored.

Use Case: SecOps Teams Collaborate with NetOps Team

How does this look in real life? At one healthcare organization, the NetOps and SecOps teams used a data center transformation project to move from siloed operations with separate tools to a comprehensive visibility platform.

The organization was in the midst of a data center transformation project during which it was migrating select high-definition imaging workloads to a virtual cloud-based environment. DevOps worked closely with NetOps to ensure they had the means to provide end-to-end visibility into these applications and ensure proper performance. Although the SecOps team had their own budget for cybersecurity tools, they chose to leverage the same network management solutions being used by DevOps and NetOps to secure the digital transformation. They are now formalizing playbooks between all departments to use a common set of network-visibility and smart-data solutions for threat investigation purposes.

Digital Infrastructure: An Essential Healthcare Worker

Today's healthcare environments are complex; Workers access patient-care applications via countless medical applications that operate across private and public cloud, software as a service, and Wi-Fi, using countless medical devices. This makes troubleshooting network disruptions both challenging and time consuming. However, the grim reality is that any delays in access to healthcare information, from appointments to live diagnostic data, can negatively impact patients' care and could even cost lives. In fact, even scheduled downtime poses major risks for healthcare organizations, so it's no surprise the issue is amplified when an application error or attack does occur. To minimize the impact of ransomware attacks, healthcare organizations need to have adequate data backup, network segmentation, and recovery programs. To avoid DDoS extortion, an adequate DDoS protection plan is necessary. Finally, healthcare organizations also need to optimize small network and security teams by using a common set of data and playbooks for performance and security purposes.

Learn more about healthcare security


NetScout Systems Inc. published this content on 11 May 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 11 May 2021 18:39:08 UTC.

ę Publicnow 2021
06/08NETSCOUTá : ISO Certifies NETSCOUT's Security Management Practices
06/07INSIDER TRENDS : NetScout Systems Insider Exercises Option/Derivative Security t..
06/07MAKING ANALYTICS SMARTER : How Smart Data Fuels Effective Analytics
06/02NETSCOUTá : Announces Participation in Upcoming Investor Event
05/27NETSCOUTá : It's Time to Rethink Remote-Work Quick Fixes
05/26NETSCOUTá : Remote Working Changes Are Here to Stay—Are Your Network Vulne..
05/21A YEAR IN REVIEW : Detailed DDoS attack data for South Korea
05/20NETSCOUTá : Management's Discussion and Analysis of Financial Condition and Resu..
05/13A UNITED FRONT : How NetOps and SecOps Can Improve Security
05/12INSIDER TRENDS : Insider 90-Day Selling Trend Added to at NetScout Systems
More news
Financials (USD)
Sales 2022 849 M - -
Net income 2022 25,7 M - -
Net cash 2022 375 M - -
P/E ratio 2022 24,5x
Yield 2022 -
Capitalization 2 261 M 2 261 M -
EV / Sales 2022 2,22x
EV / Sales 2023 1,85x
Nbr of Employees 2 409
Free-Float 56,9%
Duration : Period :
NetScout Systems, Inc. Technical Analysis Chart | MarketScreener
Full-screen chart
Technical analysis trends NETSCOUT SYSTEMS, INC.
Short TermMid-TermLong Term
Income Statement Evolution
Mean consensus HOLD
Number of Analysts 3
Average target price 28,00 $
Last Close Price 30,66 $
Spread / Highest target -5,41%
Spread / Average Target -8,68%
Spread / Lowest Target -11,9%
EPS Revisions
Managers and Directors
Anil K. Singhal Chairman, President & Chief Executive Officer
Jean Ann Bua CFO, Treasurer, Chief Accounting Officer & EVP
Bruce Allen Kelley Chief Technology Officer & Senior Vice President
Ashwani Singhal Senior Vice President-Research & Development
Thor Wallace Chief Information Officer & Senior Vice President
Sector and Competitors
1st jan.Capitalization (M$)
ACCENTURE PLC9.38%181 337