• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • About Us
    SEARCH
Compliance, Network Security, News

Insiders Pose Cybersecurity Threat to Healthcare

The average cost for credential theft was more than $871,000 for each incident associated with an insider, warns HHS.

April 26, 2022 TD Staff Leave a Comment

insider threats
Disgruntled employees pose a significant insider threat because of their access to a healthcare facility’s systems. Additionally, often they are emotional threat actors with an intent to cause harm to their company. Photo by Artur/stock.adobe.com.

The U.S. Department of Health and Human Services (HHS) Cybersecurity Program Office of Information Security warned healthcare facilities on Thursday about vulnerabilities to insider threats.

HHS cited a 2020 study from Ponomon, which found that 61% of data breaches involving an insider are primarily unintentional, caused by negligent insiders. Nearly 14% of breaches, however, are malicious, and nearly one in four involve stolen credentials. That same report found the average cost of insider threats per incident was $871,700 for credential theft, $755,800 for criminal and malicious insiders, and $307,100 for employee or contractor negligence.

The HHS report also covered the risks associated with insiders who are working on behalf of external groups, saying that 82% of organizations can’t determine the actual damage that an insider attack has actually caused. That said, the percentage of common types of insider threat damage include:

  • Critical data loss, 40%
  • Operational outage/disruption, 33%
  • Brand damage, 26%
  • Legal liabilities, 21%
  • Expenses on remediating intrusions, 19%
  • Competitive loss, 17%

Disgruntled employees pose a significant insider threat because of their access to a healthcare facility’s systems. Additionally, often they are emotional threat actors with an intent to cause harm to the company. Sometimes they believe they are owed something, according to the HHS report. About 80% of privilege misuse by disgruntled employees was financially motivated.

Related: Why Healthcare Needs Better Data Security

Third parties are also a threat since 94% of organizations give third parties access to their systems. Very often, third party vendors are given elevated permissions on those systems.

Insider threat activities in healthcare usually consist of fraud, data thefts, and/or system sabotage.

Behavior indicators of an inside threat actor can include:

  • Official records of security violations or crimes
  • Cases of unprofessional behavior
  • Cases of bullying other employees
  • Personality conflicts
  • Misuse of travel, time, or expenses
  • Conflicts with coworkers or supervisors

Indicators of IT sabotage include:

  • Creating backdoor accounts
  • Changing all passwords so that no one can access data
  • Disabling system logs
  • Installing a remote network administration tool
  • Installing malware
  • Accessing systems or machines of other employees

Indicators of data theft include:

  • Massive downloading of corporate data
  • Sending sensitive data to a non-corporate address
  • Sending emails with heavy attachments to non-corporate addresses
  • Extensive use of corporate printers
  • Remotely accessing a server during non-working hours

The report also found that detecting insider attacks has become more difficult with so many organizations switching to the cloud.

HHS recommends the following practices to mitigate insider cybersecurity threats:

  • Incorporate insider threat awareness into periodic security training for all employees.
  • Implement strict password and account management policies and practices.
  • Define explicit security agreements for any cloud services, especially access restrictions and monitoring capabilities.
  • Ensure that sensitive information is available only to those who require access to it.
  • Use a log correlation engine or security information and event management (SIEM) system to log, monitor, and audit employee actions.
  • Develop a formal insider threat mitigation program.

CISA offers free cybersecurity services and tools, along with pertinent guidelines and updates that can help large and small organizations in the health sector. This information can be accessed online at .cisa.gov/free-cybersecurity-services-and-tools.

This article originally appeared on MyTechDecisions’ sister-site Campus Safety. 

Tagged With: Cloud Computing, Cybersecurity, ID theft, Malware, Privacy, risk management

Related Content:

  • Sony SRG A PTZ Cameras Sony Introduces Two New AI-Enabled PTZ Cameras
  • Microsoft Office 365 Government Secret cloud, MIcrosoft Microsoft Makes Office 365 Secret Cloud Available for…
  • Concept of File management. Searching files in database., 3d vector illustration. Gen Z vs. Baby Boomers: Which Generation Has…
  • DanteAV hero Audinate Dante AV Adoption Accelerates with New Partners…

Free downloadable guide you may like:

  • Blueprint Series Cover: What works for hybrid workBlueprint Series: What Works for Hybrid Work

    Download this free resource to learn about how IT leaders can effectively manage and implement a hybrid work model.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Harnessing the Power of Digital Signage
Harnessing the Power of Digital Signage

Choosing the best solutions for messaging, branding, and communicating in today’s content-everywhere landscape

Blueprint Series Cover: What works for hybrid work
Blueprint Series: What Works for Hybrid Work

Download this free resource to learn about how IT leaders can effectively manage and implement a hybrid work model.

Guide to creating a ransomware response plan download
Blueprint Series: Creating a Ransomware Response Plan

Chances are ransomware hackers are researching your company right now. They’re investing time and money to choose the most profitable targets and a...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSTERMS OF USEPRIVACY POLICY

© 2023 Emerald X, LLC. All rights reserved.