Verizon: Most Health Care Attacks Target SMBs

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  

A Verizon breakdown of cyberattacks by industry reveals cybercriminals launch more sophisticated attacks on financial services, but go after health care data by targeting small doctors offices. This serves as a valuable road map for partners zoning in on prospective customers with relevant security solutions.

As in life, not all cyberattacks are created equally. Cyberattackers have developed unique ways to target victims, based on their size, security infrastructure and the quality of data they house. As such Verizon Communications Inc. attempted to break down that information in a series of industry-by-industry snapshots based on data compiled in its "Verizon 2012 and 2011 Data Breach Investigations Report."

The net-net? While cyberthreats affect all industries, they do not affect them all equally. In fact, certain verticals such as financial services are subjected to sophisticated malware, while health care breaches stem largely from simple attacks at small doctors offices. The retail sector gets the brunt of insider threats. And food service? They were subjected to the largest number of attacks over the last two years.

Related articles

And at the end of the day, it’s all information that can be handily filed away by security solution providers when starting conversations with prospective customers about hardening cyberdefenses.

Altogether, Verizon grouped businesses by five industry verticals:  Financial and insurance; health care; retail; accommodations and food service; and intellectual property theft.

Perhaps not surprisingly, financial services data was some of the most highly targeted by attackers, attributed to the fact that financial organizations typically house scads of high-value information. Also not shocking was the fact that the majority of breaches were executed for financial gain, by either directly accessing victim accounts or indirectly through fraud committed via ATM, Web application malware and employees.

Conversely, for health care verticals, most of the breaches fell into SMB market categories with one to 100 employees, as well as small doctors and dentist offices. In the same vein as financial services, cybercriminals went after healthcare information for profit. However, most attacks involved simple malware and attacks aimed at POS systems, as well as sensitive information housed on medical devices.

Like the health care industry, the majority of retail sector attacks targeted SMB shops and small franchises, often ill-equipped to defend against external threats. And similarly, cybercriminals gained entry via PoS systems. However, the retail industry differed from others with breaches that were also linked to internal employees -- either accidentally via phishing attacks or intentionally as the result of insider fraud.

Similarly to other verticals, attacks on hotel and food services were largely relegated to SMBs via PoS systems. And hospitality and food industry, still relatively new to cyberattacks, appeared to be an easy target -- so much so that the industry sustained more breaches than any other over the last two years.

Finally, Verizon's data revealed that attacks against intellectual property often required collusion between malicious insiders and external sources. Many of the attacks were carried out as part of a more strategic effort against an industry for specific financial, technological or commercial advantage. And unlike other breaches, attacks against IP were found to be the least predictable, and therefore, most challenging to comprehensively prevent.

If nothing else, Verizon's unique threat compilation likely indicates that it plans to further target independent verticals with industry-specific solutions. The New York-based telecom has already paved the way, recently announcing a cloud services launch targeting the health care industry by touting adherence to HIPAA requirements.

Meanwhile, for the channel, the Verizon report provides a handy road map that reveals crucial insight to their customers' most salient threats. Thus, partners can leverage the information to hone their approach and tailor their security strategy around their customers’ specific security needs.

For example, partners can glean from financial services attack data to propose sophisticated overarching security architectures designed to defend against targeted and other advanced malware. Information garnered from health care attack trends can be used to bolster small doctors offices with fundamental security infrastructure, which includes proposing new M2M defenses for medical equipment storing highly valuable patient information.

And partners catering to retail industries can better devise solutions to address insider threats with DLP, encryption and other technologies.

When all’s said and done, that kind of threat breakdown ultimately serves to give partners a stronger competitive advantage when breaking into new markets, zoning in on prospective customers or finding strategic ways to start new conversations around security build-outs.

 

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  
More on Channel Business
mock3-0913

Channel millennials to learn from older peers with new CompTIA initiative

Initiative may help with 2015 emerging threat of millennial expectations

NY traffic lights

Gigamon launches partner program

Traffic visibility firm includes pre- and post-sales training certifications in new partner program

Sales online and in the shops

Black Friday wearable tech uptake splits industry

Shoppers may have snapped up a bargain wearable device on Friday, but just how much impact will this have when they choose to wear it to work today?

Backbytes - a happy computer

Perk up! HP opens up former direct-only perks to the channel

Latest ServiceOne partner program released as Q4 results disappoint

Visitor comments
Add comments
blog comments powered by Disqus
In-depth
ken-shaw-infrascale

Vendor Q&A Series: Ken Shaw Jr., Infrascale

The latest channel exec to sit in the Channelnomics hotseat is Infrascale's CEO

businessman-walking-rope-outdoor-balance

MSP market saturation may lead to smaller players being dumped by vendors

Smaller players need to ensure that they don't fall prey to solution provider consolidation by vendors

Questions

Windows 10 service model raises enterprise, channel questions

Microsoft is banking on the fact that its next OS will be an improvement over prior iterations, but will the product’s sales model be as well received as the product itself?

Handshake in London

Microsoft Big Data acquisition shows willingness to embrace open platforms

The software giant embraces yet another open-source tool in R and stakes its claim in the analytics arena