- The adoption of telehealth vendors has significantly expanded healthcare providers' attack surface
- Researchers find a noticeable increase in leaks from primary healthcare and telehealth companies on the dark web since February 2020
- Threat actors use strains of ransomware that are uniquely tailored to take down healthcare IT infrastructures
- Despite new risks from telehealth vendors, the healthcare sector has improved its security posture compared to 2019
While COVID-19 has proven the healthcare industry's overall resilience, it has also increased its cybersecurity risk. A new report indicates that the rapid adoption and onboarding of telehealth vendors has led to a significantly increased digital footprint and attack surface, leaving both provider and patient data at risk.
The term telehealth is used to refer to the distribution of health-related services and information via electronic information and telecommunication technologies. A brief from the U.S. Department of Health and Human Services reveals that number of telehealth primary care visits increased 350-fold from pre-pandemic levels at the height of the pandemic.
SecurityScorecard and DarkOwl jointly reviewed the 148 most-used telehealth vendors and found that these providers have experienced a nearly exponential increase in targeted attacks as popularity skyrocketed. Researchers uncovered:
- 117% increase in IP reputation security alerts – malware infections, as part of successful phishing attempts and other attack vectors, ultimately cause IP reputation finding issues
- 65% increase in patching cadence findings – the regularity of installing security patches; often one of the primary security policies that protect data
- 56% increase in endpoint security findings – exploited vulnerabilities in endpoint security enable data theft
- 16% increase in application security findings – patients connect with telehealth providers using web-based applications including structured and unstructured data
- 42% increase in FTP issues – an inherently insecure network protocol
- 27% increase in RDP issues – remote desktop protocol has seen increased usage since the widespread adoption of remote work
Researchers found a noticeable increase in leaks from primary healthcare and telehealth companies across the dark web since February 2020.
“There was evidence of prolific and emerging threat actors selling electronic patient healthcare data, malware toolkits that specifically target telehealth technologies, and strains of ransomware that are uniquely configured to take down healthcare IT infrastructure,” according to a joint press release from the two firms.
Despite new risks from telehealth vendors, the healthcare sector has improved its security posture compared to 2019, researchers said. The industry moved to 9th place out of 18 reviewed industries (up from 10th in 2019.
“This is heartening, especially as the industry has been overwhelmed by an influx of patients, limited resources, rationing, and other challenges due to COVID-19,” SecurityScorecard researchers said.