Verizon: Most Health Care Attacks Target SMBs

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  

A Verizon breakdown of cyberattacks by industry reveals cybercriminals launch more sophisticated attacks on financial services, but go after health care data by targeting small doctors offices. This serves as a valuable road map for partners zoning in on prospective customers with relevant security solutions.

As in life, not all cyberattacks are created equally. Cyberattackers have developed unique ways to target victims, based on their size, security infrastructure and the quality of data they house. As such Verizon Communications Inc. attempted to break down that information in a series of industry-by-industry snapshots based on data compiled in its "Verizon 2012 and 2011 Data Breach Investigations Report."

The net-net? While cyberthreats affect all industries, they do not affect them all equally. In fact, certain verticals such as financial services are subjected to sophisticated malware, while health care breaches stem largely from simple attacks at small doctors offices. The retail sector gets the brunt of insider threats. And food service? They were subjected to the largest number of attacks over the last two years.

Related articles

And at the end of the day, it’s all information that can be handily filed away by security solution providers when starting conversations with prospective customers about hardening cyberdefenses.

Altogether, Verizon grouped businesses by five industry verticals:  Financial and insurance; health care; retail; accommodations and food service; and intellectual property theft.

Perhaps not surprisingly, financial services data was some of the most highly targeted by attackers, attributed to the fact that financial organizations typically house scads of high-value information. Also not shocking was the fact that the majority of breaches were executed for financial gain, by either directly accessing victim accounts or indirectly through fraud committed via ATM, Web application malware and employees.

Conversely, for health care verticals, most of the breaches fell into SMB market categories with one to 100 employees, as well as small doctors and dentist offices. In the same vein as financial services, cybercriminals went after healthcare information for profit. However, most attacks involved simple malware and attacks aimed at POS systems, as well as sensitive information housed on medical devices.

Like the health care industry, the majority of retail sector attacks targeted SMB shops and small franchises, often ill-equipped to defend against external threats. And similarly, cybercriminals gained entry via PoS systems. However, the retail industry differed from others with breaches that were also linked to internal employees -- either accidentally via phishing attacks or intentionally as the result of insider fraud.

Similarly to other verticals, attacks on hotel and food services were largely relegated to SMBs via PoS systems. And hospitality and food industry, still relatively new to cyberattacks, appeared to be an easy target -- so much so that the industry sustained more breaches than any other over the last two years.

Finally, Verizon's data revealed that attacks against intellectual property often required collusion between malicious insiders and external sources. Many of the attacks were carried out as part of a more strategic effort against an industry for specific financial, technological or commercial advantage. And unlike other breaches, attacks against IP were found to be the least predictable, and therefore, most challenging to comprehensively prevent.

If nothing else, Verizon's unique threat compilation likely indicates that it plans to further target independent verticals with industry-specific solutions. The New York-based telecom has already paved the way, recently announcing a cloud services launch targeting the health care industry by touting adherence to HIPAA requirements.

Meanwhile, for the channel, the Verizon report provides a handy road map that reveals crucial insight to their customers' most salient threats. Thus, partners can leverage the information to hone their approach and tailor their security strategy around their customers’ specific security needs.

For example, partners can glean from financial services attack data to propose sophisticated overarching security architectures designed to defend against targeted and other advanced malware. Information garnered from health care attack trends can be used to bolster small doctors offices with fundamental security infrastructure, which includes proposing new M2M defenses for medical equipment storing highly valuable patient information.

And partners catering to retail industries can better devise solutions to address insider threats with DLP, encryption and other technologies.

When all’s said and done, that kind of threat breakdown ultimately serves to give partners a stronger competitive advantage when breaking into new markets, zoning in on prospective customers or finding strategic ways to start new conversations around security build-outs.

 

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  
More on Channel Business
jessica-m-225x300

Welcome to the new Channelnomics

Channelnomics goes live with new-look site. Join us on Twitter to give us your thoughts - @channelnomics

flowers-and-chocolates

VMware Woos ISVs With New Channel Program

Vendor stresses business as usual despite speculation that its parent company could be merging with a current rival

Microsoft

Microsoft End of Service for Windows Server 2003: No Safe Haven, Conference Hears

Non-PCI compliance a key risk for SMBs not migrated away from Microsoft Windows Server 2003 in time

james-perry

Vendor Q&A Series: James Perry, Bloxx

The latest vendor to brave the Channelnomics Q&A is Bloxx' U.S. channel manager James Perry

Visitor comments
Add comments
blog comments powered by Disqus
In-depth
geyser-emitting-steam

Palo Alto Networks’ Traps shows volatility in endpoint protection

Palo Alto ventures away from its sweet spot in enterprise security with the launch of Traps, a complementary technology that safeguards endpoints from malware. The new product shows how endpoint security is shifting from traditional antivirus technologies.

May Mitchell president of marketing North America at Symantec

Vendor Q&A Series: May Mitchell, Symantec

The latest vendor exec. to sit in the Channelnomics hot seat is Symantec's marketing vice president for North America

james-perry

Vendor Q&A Series: James Perry, Bloxx

The latest vendor to brave the Channelnomics Q&A is Bloxx' U.S. channel manager James Perry

IBM Watson supercomputer

IBM Makes Watson More Accessible, Productive

IBM is making its Watson cognitive computing platform more available to businesses of all sizes, with the intent of helping more companies tap the power of natural-language and predictive analytics. The program complements ongoing efforts to develop a Watson channel.