The report by Netskope Threat Labs also examined the continued increase in cloud app adoption in the healthcare sector as well as malware trends across the sector.
Netskope Threat Labs has today published its latest research report, revealing that the infostealers were the primary malware and ransomware families used to target the healthcare sector. Healthcare was among the top sectors impacted during 2023 by mega breaches, an attack where over one million records were stolen.
Speaking on the findings, Paolo Passeri, Cyber Intelligence Principal at Netskope said, “Infostealers are among the top threats for the healthcare sector and this is reflected in the fact that during the course of 2023 many healthcare organisations were the targets of mega breaches, and among the top targets of the massive Clop campaign exploiting the CVE-2023-34362 vulnerability.”
Key findings include:
● Key target for infostealer attacks: Infostealers are a prominent malware family for the healthcare sector as attackers attempt to steal valuable data from organisations and patients in order to further blackmail or ransom the data.
● Malware downloads increased in 2023 but plateaued in H2: Cloud delivered malware ended the year at approximately 40% of malware downloads in the healthcare sector after a peak of 50% in June which then dipped a little in the second half of the year. Healthcare trended slightly below other industries but cloud-delivered malware in the sector grew considerably year-on-year – up from just 30% a year ago.
● Bucking the Microsoft OneDrive malware trend: While Microsoft OneDrive remained the most popular app in the healthcare sector, its use was significantly lower than other sectors. As a result malware downloads through OneDrive were 12 percentage points lower than other industries.
● Slack’s popularity in healthcare: The app was second for uploads (behind OneDrive) and fifth for downloads, significantly higher than in other sectors. However, this usage trend did not correlate with the number of malware downloads from the app – it was not even in the top 10 sources.
“Malware and infostealers shouldn’t be the only concern for the healthcare sector, they should also consider the vulnerability of their supply chain and apply the same zero trust strategy they would in their own organisation to third-parties in the supply chain,” added Paolo Passeri.
