Survey Shows 81% of Healthcare Organizations Suffered Cyberattacks

A staggering 81% of healthcare organizations have been compromised by cyberattacks in the past two years, according to healthcare executives in a survey.

In a survey conducted by KPMG titled the “2015 KPMG Healthcare Cybersecurity Survey”, 81% of healthcare organizations have been targeted and compromised by at least one botnet, malware or other cyber-attacks during the past two years, according to healthcare executives. Furthermore, only half of the 223 polled believe that healthcare organizations are sufficiently prepared in preventing such attacks, a PR Newswire revealed.

“The vulnerability of patient data at the nation’s health plans and approximately 5,000 hospitals is on the rise and health care executives are struggling to safeguard patient records,” explained Michael Ebert, leader in KPMG’s Healthcare & Life Sciences Cyber Practice.

Related article: Healthcare Hacker Attack Affects 1.1 Million Customers

The survey polled 223 chief information officers, chief security officers, chief compliance officers and chief technology officers at various healthcare providers.

The survey also revealed that:

  • 13% of those polled say that healthcare organizations are targeted by external malicious hackers at least once a day.
  • 12% believe this frequency to be about two or more attacks per week.
  • 16% of all healthcare organizations admit that they do not have the means to detect the compromise (if any) of their systems in real-time.
  • 66% of healthcare executives believe their organizations are prepared in the face of a cyber-attack.
  • 53% of healthcare providers said they were ready to face cyber-attacks, with larger financial organizations better equipped than smaller ones.
  • Malware or malicious software is the most commonly used tool of attack, with 65% of polled respondents believing so.
  • 26% of respondents added that botnet attacks that usually involve hijacked computers to distribute spam and attack other computers and systems are another frequently used line of attack.

Related article: UCLA Hacked, Data Breach Affects 4.5 Million Victims

“Patient records are far more valuable than credit card information for people who plan to commit fraud since the personal information cannot be easily changed. A key goal for execs is to advance their institutions’ protection to create hurdles for hackers,” added Ebert.

The KPMG survey also highlights that the greatest vulnerabilities that pose a threat within an organization include:

  • External attackers.
  • Sharing data with 3rd parties.
  • Employee breaches
  • Wireless computing
  • Inadequate firewalls.

Many organizations are also used to underestimating the threat of cyber-attacks when they do not experience them frequently, according to Greg Bell the chief at KPMG’s Cyber Practice.

“Healthcare organizations that can effectively track the number of attempts have less cause for worry than those who may not detect all of the threats against their systems,” said Bell.

“The experienced hackers that penetrate a vulnerable health care organization like to remain undetected as long as they can before extracting a great deal of content, similar to a blood-sucking insect.”

The entire survey is available for download here.

Image credit: Pixab