The following is an excerpt from a post by Nate Winslow, the senior principal data scientist at Prevailion:
For the past few months, I’ve been monitoring the health care industry from a cyber risk perspective. A clear picture has emerged, which shows US and French hospitals having high risk. This is disturbing given that many of these hospitals are already facing a crisis of epidemic proportions.
The data I’ve been using to monitor the health care industry consists of intercepted communications to malicious internet domains. By analyzing the daily communications from hundreds of thousands of IP (Internet Protocol) addresses to these malicious domains, I can reconstruct a global view of computer network compromise (see the banner graphic above). This view has remarkable resolution at the city, country, company, and industry group levels. The line plot below shows the stage of compromise within the health care industry broken into 4 subsectors. The red line corresponds to hospitals. The hospitals subsector consistently has the highest stage of compromise within the health care industry.
Within the hospitals subsector, I have also been monitoring the hospitals with the highest stages of compromise. These hospitals are located in the United States and France. The final line plot below shows the stages of compromise for the most impacted hospitals. Stages of compromise range from 1 to 4 (similar to the stages of cancer). When an organization gets above stage 3, the evidence of compromise is very strong, and consistent with malware aggressively spreading within a network.
The above hospitals have computer networks displaying strong evidence of being infected with malware. These infections elevate the cyber risk for ALL hospitals, particularly those in the United States and France.
In the coming months, I will continue to monitor the health care industry and report on other industries observed to have high cyber risk (including the oil and gas industry as well as the pharmaceutical manufacturing industry).
For a deeper dive into Compromise Intelligence within this industry and others, look for our upcoming quarterly Apex Report, due out at the end of April.
The Information Technology Manager works to support Prevailion’s IT assets, employees and mission critical systems. In this role, you will wear many hats and work collaboratively with internal teams to deploy, manage, and maintain systems and infrastructure key to the company’s success and growth of Prevailion.
The Threat Intelligence Researcher works in Prevailion’s Intelligence team. In this role, you will work collaboratively with internal teams to deploy, manage, and maintain systems and infrastructure key to the Intelligence team’s success and growth and that of Prevailion.
The Senior Threat Intelligence Researcher works in Prevailion’s Intelligence team. In this role, you will work collaboratively with internal teams to deploy, manage, and maintain systems and infrastructure key to the Intelligence team’s success and growth and that of Prevailion.