Symantec recently released its 2016 Internet Security Threat Report.
The annual report (this year is its 21st edition) is intended to provide an overview and analysis of the year in global cybercrime threat activity. Data included in the report comes from the Symantec Global Intelligence Network, which monitors threat activity in over 157 countries and territories.
While the report does not focus on healthcare specifically, the statistics and facts provide valuable insight into cybercrime and the rapidly growing, rapidly evolving efforts of cybercriminals worldwide. Other industry reports have noted that 91% of all healthcare organizations reported at least one data breach over the last two years, and cyber attacks are expected to affect one in three Americans this year and cost the U.S. healthcare industry more than $6 billion .
Here are 10 key takeaways from Symantec's new report for healthcare providers to know.
1. The largest number of breaches took place within the health services sub-sector, which comprised 39% of all breaches in 2015.
2. There were more than 430 million new unique pieces of malware in 2015. That's up 36% from the year before.
3. The number of zero-day vulnerabilities — holes in software unknown to vendors and exploited by cybercriminals — discovered in 2015 more than doubled to 54. That's a 125% percent increase from the year before, and roughly one zero-day vulnerability found every week.
4. There were over 1 million web attacks against people every day in 2015.
5. Over half a billion personal records are believed to have been stolen or lost in 2015. Nine mega-breaches — defined as a breach of more than 10 million records — were reported in 2015. That's a new record.
6. More than 75% of legitimate websites have unpatched vulnerabilities that put visitors at risk. To make matters worse, 15% percent of legitimate websites have vulnerabilities deemed "critical." This means it takes little effort for cybercriminals to gain access and manipulate these sites.
7. Ransomware — when cybercriminals use encryption to hold companies' and individuals' data hostage — increased 35% percent in 2015. And healthcare providers are growing targets.
8. There were more than three times as many Android apps containing malware in 2015 than in 2014. That's an increase of 230 percent. Apple users aren't safe either; the number of threats and infected iOS apps increased in 2015.
9. Small businesses are a growing target. The last five years have shown a steady increase in attacks targeting businesses with less than 250 employees.
10. Attacks using spear-phishing campaigns — the act of spoofing a legitimate email address to lure targeted users to fake websites or reveal personal information — saw a 55% increase in 2015.
Healthcare data is under attack. As the report reveals, data breaches are a common daily occurrence, while theft of medical records and ransomware infections cripple computer systems that cause extensive downtime. This is the reality healthcare organizations face today.
Fortunately, the fight against cybercrime doesn't need to be a losing battle. Healthcare providers count on PriorityOne Group's data security and compliance services to protect millions of medical records. Contact us today to learn how PriorityOne Group can help keep cybercriminals at bay and make sure your patients don't become a cybercrime statistic.