A new report from EfficientIP and International Data Corporation (IDC) shows how the healthcare industry experienced devastating effects from DNS attacks during the COVID-19 pandemic, more so than other industries. The 2021 Global DNS Threat Report shows that the average cost per attack in healthcare increased to £626,000, a rise of 12 per cent from last year and the sharpest increase seen by any industry.
The Threat Report shows that healthcare is more vulnerable than other industries to a variety of consequences from attacks: Healthcare is the most likely industry to suffer application downtime, with 53 per cent of healthcare companies in the survey reporting that. Healthcare also saw the highest rate of compromised websites at 44 per cent and the highest rate of brand damage at 31 per cent. During a time when the health industry is already experiencing other stressors related to the pandemic, downtimes in apps and services or cloud accessibility could have heavy consequences for both patients and providers.
Other negative effects include cloud service downtime (46 per cent), loss of business (34 per cent), and stolen customer information (23 per cent) — up from 13 per cent last year. Customer information is particularly sensitive in the healthcare sector, which makes it an attractive target–particularly so during a time of high-stress for the industry.
“We all knew that the healthcare industry would be a prime target for cyberattacks during the pandemic,” Ronan David, VP of strategy for EfficientIP, said. “But it really is fascinating–and useful–to see the data in black and white. Fascinating because we finally have a clear quantitative picture, and useful because we see where companies like EfficientIP can help healthcare companies improve their defences.”
Healthcare suffered an average of 6.71 DNS attacks over a 12-month period, and it took an average 6.28 hours to mitigate each attack, which is higher than the all-industry average of 5.62 hours.
The most common DNS attack type in healthcare, like many other industries, is phishing; 49 per cent of the healthcare companies surveyed experienced a phishing attack, which matches the average for all industries. DNS-based malware is also popular in healthcare at 36 per cent, as is DNS tunnelling at 29 per cent and DNS domain hijacking at 28 per cent. Compared to the all-industry average, healthcare saw relatively low rates of things like DDoS attacks (the all-industry average was 29 per cent while the healthcare average was 19 per cent). The consequences of attacks on healthcare infrastructure can be extreme, directly affecting patient care and well-being.
This makes defence strategies incredibly important. In order to protect themselves, healthcare companies have turned both to Zero Trust and to smarter DNS security. The Threat Report shows that the healthcare industry is planning, implementing, or running Zero Trust initiatives more than other industries (79 per cent, compared to an all-industry average of 75 per cent), and is the strongest believer that DNS domain deny-and-allow lists are valuable for Zero Trust (82 per cent, compared to79 per cent).
Like many industries, healthcare sees DNS security as critical for protecting a remote workforce (54 per cent of healthcare companies surveyed agreed with that statement). A full 78 per cent agreed that DNS security was a critical component of network architecture. 27 per cent of healthcare companies put better monitoring and analysis of DNS traffic as their top priority for preventing data theft.