IoT Malware Attack Volume Up 123% in Healthcare

July 28, 2022 - IoT malware attacks in healthcare are becoming increasingly common, especially as connected health adoption continues to increase and threat actors find nontraditional attack vectors to exploit.

A November 2021 report by Medigate and CrowdStrike found that over 80 percent of surveyed healthcare organizations reported facing IoT security incidents in the previous 18 months. 

SonicWall’s newly released mid-year report saw a global decrease in traditional ransomware attacks, but researchers also observed a 123% increase in IoT malware attack volume in healthcare.

“Cybercrime has been a global phenomenon for decades,” Bill Conner, president and CEO of SonicWall, stated in the report.

“But with geopolitical forces accelerating the reconfiguration of the world’s cyber frontlines, the true danger presented by threat actors is coming to the fore — particularly among those that once saw the smallest share of attacks.”

Healthcare has long been one of the most frequently attacked industries, but the recent shifts in tactics and targets still suggest that organizations across all sectors will have to adjust.

SonicWall analyzed information collected from more than 1.1 million security sensors in 215 countries, along with analysis from freelance security researchers, malware and IP reputation data, and other data collected from SonicWall security systems.

The report attributed the 11 percent increase in malware largely to cryptojacking and IoT malware attacks. Every analyzed industry saw significant spikes in IoT malware attacks, and healthcare was no exception.

“That doesn’t mean there isn’t any good news, however: Surprisingly, these massive increases don’t seem to have resulted in corresponding jumps in the percentage of customers targeted,” the report observed.

“In fact, the opposite has happened: across every industry examined, the percentage of customers targeted in the first half of 2022 actually fell compared with the first half of 2021.”

The drop is good for the healthcare industry as a whole because it means that threat actors are not significantly expanding the number of organizations they target. But it also means that individual organizations should expect to see an increased number of IoT malware attempts, the data suggested.

A March 2022 report by Claroty observed a significant increase in healthcare IoT, IT, and medical device vulnerability disclosures in recent years. Researchers found that industrial control system (ICS) vulnerability disclosures grew by 110 percent over the last four years, with a 25 percent increase in the latter half of 2021 alone.

Over 30 percent of the disclosed vulnerabilities impacted IoT, IT, and medical device assets, underscoring the need for vulnerability management to reduce exposure. 

With all this data taken into consideration, it is clear that the healthcare sector will need to continue prioritizing IoT and medical device security as part of the industry’s ongoing efforts to protect patient data in an age of increased threats and connectivity. To reduce risk, organizations should consider prioritizing patch management and investing in technologies that can quickly detect malware intrusions.