Cyber Risk Heightens for US and French Hospitals

Image of hospital map - April 2020
20 April 2020

The following is an excerpt from a post by Nate Winslow, the senior principal data scientist at Prevailion:

For the past few months, I’ve been monitoring the health care industry from a cyber risk perspective. A clear picture has emerged, which shows US and French hospitals having high risk. This is disturbing given that many of these hospitals are already facing a crisis of epidemic proportions.

The data I’ve been using to monitor the health care industry consists of intercepted communications to malicious internet domains. By analyzing the daily communications from hundreds of thousands of IP (Internet Protocol) addresses to these malicious domains, I can reconstruct a global view of computer network compromise (see the banner graphic above). This view has remarkable resolution at the city, country, company, and industry group levels. The line plot below shows the stage of compromise within the health care industry broken into 4 subsectors. The red line corresponds to hospitals. The hospitals subsector consistently has the highest stage of compromise within the health care industry.



Within the hospitals subsector, I have also been monitoring the hospitals with the highest stages of compromise. These hospitals are located in the United States and France. The final line plot below shows the stages of compromise for the most impacted hospitals. Stages of compromise range from 1 to 4 (similar to the stages of cancer). When an organization gets above stage 3, the evidence of compromise is very strong, and consistent with malware aggressively spreading within a network.



The above hospitals have computer networks displaying strong evidence of being infected with malware. These infections elevate the cyber risk for ALL hospitals, particularly those in the United States and France.

In the coming months, I will continue to monitor the health care industry and report on other industries observed to have high cyber risk (including the oil and gas industry as well as the pharmaceutical manufacturing industry).

For a deeper dive into Compromise Intelligence within this industry and others, look for our upcoming quarterly Apex Report, due out at the end of April.

The Latest

Prevailion CEO, Karim Hijazi – Cheddar News- FCC commissioner calls on Apple and Google to ban TikTok app

A member of the FCC renewed urgency calls on Apple and Google to remove TikTok from their app stores, raising concerns that TikTok’s Chinese-based parent company is collecting user data that is being accessed in China.

IRONSCALES Cyber Security Heroes: The New Cyber Era Post Ukraine Invasion

What Wicked Webs We Un-weave

What Wicked Webs We Un-weave: Wizard Spider once again proving it isn’t you, it isn’t me; we search for things that you can’t see Authored by: Matt Stafford and Sherman Smith Executive summary: In late January 2022, Prevailion’s Adversarial Counterintelligence Team (PACT) identified extensive phishing activity designed to harvest credentials for Naver. Naver is a […]

Copyright 2023 Prevailion, Inc. All rights reserved.    

Disclaimer: Gartner “Cool Vendors in Security Operations and Threat Intelligence,” Mitchell Schneider, Ruggero Contu, John Watts, Craig Lawson, October 13, 2020. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner Disclaimer: The GARTNER COOL VENDOR badge is a trademark and service mark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.