Web application attacks within the healthcare sector surged in December as distribution of the primary COVID-19 vaccines began, consistent with new data from Imperva.
The security vendor claimed that attacks jumped 51% last month from detected volumes in November during a vertical that has been bombarded by cyber-criminals over the past year.
Four specific attack types saw the most important increases: cross-site scripting (XSS) detections jumped 43%; SQL injection attacks surged 44%; protocol manipulation attacks soared 76%; and remote code execution/remote file inclusion detections increased 68% in December.
XSS and SQLi attacks represented the amount one and two threats detected by volume.
Imperva SVP Terry Ray claimed it had been an “unprecedented year” of cyber activity, with global healthcare organizations (HCOs) experiencing 187 million attacks per month on the average . That amounts to just about 500 attacks per HCO monthly — a tenth increase year-on-year.
The US, Brazil, UK and Canada were the top countries targeted last year.
Like organizations in many sectors, HCOs are looking to digital transformation to assist them survive and adapt through an unprecedented year. However, their reliance on third-party applications to save lots of time and money can also have exposed them, consistent with Ray.
“While there are sometimes business advantages to third-party applications, the risks include: patching only on the vendor’s timeline, known exploits that are widely publicized and constant zero-day research on widely used third-party tools and APIs,” he argued.
“Reliance on JavaScript APIs and third-party applications creates a threat landscape of more complex, automated, and opportunistic cybersecurity risks that are increasingly challenging for all organizations to detect and stop. And while ransomware attacks commonly land healthcare organizations within the news, it’s only the vulnerable application front-end to all or any healthcare data that experiences the variability and volume of daily attacks noted above.”
Ray also warned that a lot of organizations may have a nasty surprise expecting them as they begin 2021, when the impact of December attacks start to become clear. HCOs’ focus in 2020 on supporting remote working and dealing with the surge in COVID patients means less time may are spent on incident response, he added.
In just the primary three days of 2021, Imperva saw a 43% increase in data leakage.