Verizon: Most Health Care Attacks Target SMBs

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  

A Verizon breakdown of cyberattacks by industry reveals cybercriminals launch more sophisticated attacks on financial services, but go after health care data by targeting small doctors offices. This serves as a valuable road map for partners zoning in on prospective customers with relevant security solutions.

As in life, not all cyberattacks are created equally. Cyberattackers have developed unique ways to target victims, based on their size, security infrastructure and the quality of data they house. As such Verizon Communications Inc. attempted to break down that information in a series of industry-by-industry snapshots based on data compiled in its "Verizon 2012 and 2011 Data Breach Investigations Report."

The net-net? While cyberthreats affect all industries, they do not affect them all equally. In fact, certain verticals such as financial services are subjected to sophisticated malware, while health care breaches stem largely from simple attacks at small doctors offices. The retail sector gets the brunt of insider threats. And food service? They were subjected to the largest number of attacks over the last two years.

Related articles

And at the end of the day, it’s all information that can be handily filed away by security solution providers when starting conversations with prospective customers about hardening cyberdefenses.

Altogether, Verizon grouped businesses by five industry verticals:  Financial and insurance; health care; retail; accommodations and food service; and intellectual property theft.

Perhaps not surprisingly, financial services data was some of the most highly targeted by attackers, attributed to the fact that financial organizations typically house scads of high-value information. Also not shocking was the fact that the majority of breaches were executed for financial gain, by either directly accessing victim accounts or indirectly through fraud committed via ATM, Web application malware and employees.

Conversely, for health care verticals, most of the breaches fell into SMB market categories with one to 100 employees, as well as small doctors and dentist offices. In the same vein as financial services, cybercriminals went after healthcare information for profit. However, most attacks involved simple malware and attacks aimed at POS systems, as well as sensitive information housed on medical devices.

Like the health care industry, the majority of retail sector attacks targeted SMB shops and small franchises, often ill-equipped to defend against external threats. And similarly, cybercriminals gained entry via PoS systems. However, the retail industry differed from others with breaches that were also linked to internal employees -- either accidentally via phishing attacks or intentionally as the result of insider fraud.

Similarly to other verticals, attacks on hotel and food services were largely relegated to SMBs via PoS systems. And hospitality and food industry, still relatively new to cyberattacks, appeared to be an easy target -- so much so that the industry sustained more breaches than any other over the last two years.

Finally, Verizon's data revealed that attacks against intellectual property often required collusion between malicious insiders and external sources. Many of the attacks were carried out as part of a more strategic effort against an industry for specific financial, technological or commercial advantage. And unlike other breaches, attacks against IP were found to be the least predictable, and therefore, most challenging to comprehensively prevent.

If nothing else, Verizon's unique threat compilation likely indicates that it plans to further target independent verticals with industry-specific solutions. The New York-based telecom has already paved the way, recently announcing a cloud services launch targeting the health care industry by touting adherence to HIPAA requirements.

Meanwhile, for the channel, the Verizon report provides a handy road map that reveals crucial insight to their customers' most salient threats. Thus, partners can leverage the information to hone their approach and tailor their security strategy around their customers’ specific security needs.

For example, partners can glean from financial services attack data to propose sophisticated overarching security architectures designed to defend against targeted and other advanced malware. Information garnered from health care attack trends can be used to bolster small doctors offices with fundamental security infrastructure, which includes proposing new M2M defenses for medical equipment storing highly valuable patient information.

And partners catering to retail industries can better devise solutions to address insider threats with DLP, encryption and other technologies.

When all’s said and done, that kind of threat breakdown ultimately serves to give partners a stronger competitive advantage when breaking into new markets, zoning in on prospective customers or finding strategic ways to start new conversations around security build-outs.

 

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  
More on Channel Business
money-wad-dollar

IDC predicts 21 percent increase in 2015 cloud infrastructure spending

Research firm expects U.S. to see fourth largest growth globally

Men shaking hands

Fewer deals, smarter sales

What appears illogical on the surface — lower sales volume, higher profitability — makes perfect sense when you think about it

seo-question

Lenovo: People don't know enough about our channel business

Vendor opens enterprise briefing center aimed at increasing customer engagement

Boxing glove

Fight IT commoditization with differentiation that matters - partner

Clients care more about money and efficiency than IT jargon, an MSP says

Visitor comments
Add comments
blog comments powered by Disqus
In-depth
The cost of doing business

MSP Consortium free RMM, PSA tools should ease MSP business costs

The Managed Service Provider Consortium is giving away a new remote monitoring and management and professional services organization tool to enable solution providers to operate free of costly licensing fees

mobile-iot

‘Things’ take center stage

Vendors, VARs, and start-ups feed off rapidly growing momentum of the IoT movement

Men shaking hands

Fewer deals, smarter sales

What appears illogical on the surface — lower sales volume, higher profitability — makes perfect sense when you think about it

marc-dupaquier-photoshop1

Vendor Q&A Series: Marc Dupaquier, IBM

The latest channel exec to sit in the Channelnomics hotseat is IBM's general manager of global business partners