Health Data Breach Tally Update: What’s Been Added?
Business Associate Reports Ransomware Attack; Hacks Still Biggest Cause of Breaches
Delayed Detection … As shown in the DMS hacking incident, delayed detection of breaches is an ongoing challenge.
“On average, a hacker is in a system or network for 204 days before being detected,” says Tom Walsh, president of consulting firm tw-Security.
To speed up detection, entities should practice “careful correlation and monitoring of audit logs using a security information and event management system to detect abnormal user behavior,” he says. “Most smaller organizations should consider outsourcing that to a managed service to avoid capital expenditures and the advanced internal training necessary to interpret the log findings.”
Persistent Threat … Hacking attacks are likely to continue to be the No. 1 cause of health data breaches, security experts say.
“Hacking, especially ransomware, is a lucrative business. It has low startup and operating costs, low likelihood of being caught and prosecuted, and a high return on investment,” Walsh says. “Hacking is conducted by nation-states, organized crime, political activists, and of course, opportunistic individuals who – in some cases – would rather do hacking than work at a real job.”