The migration to the cloud has been in motion for some time, but the Covid-19 pandemic has accelerated this transition, especially for healthcare organizations where there has been an increase in telemedicine and new remote work requirements.
Attackers go after data wherever it is stored. In healthcare, that data is migrating to the cloud. This rapid transition is happening faster than due diligence can be applied by security teams which causes the risk of exposure of sensitive data.
This report contains analysis and findings from Vectra opt-in healthcare customers from January-May 2020.
Key highlights include:
- 38% increase in command-and-control behaviors, which indicates remote access of internal;
- A doubling of data exfiltration, which indicates data leaving internal healthcare networks to external destinations like cloud services;
- Smash-and grab behaviors have increased significantly, which occurs when medical IoT devices send large volumes of data to a hosted cloud site;
- Data smuggler activity also increased, likely caused by immense volumes of patient medical records migrating to cloud storage.