Presser, but has some interesting findings:
Evolve IP, The Cloud Services Company™, today released the results of a study of Dark Web email vulnerabilities in the healthcare industry. The research, conducted in a collaboration between Evolve IP and ID Agent, reveals the pervasive nature of email-based cybersecurity attacks and sheds light on the quantity, variety, sources and consistent growth of these threats.
Healthcare IT leaders place a high priority on preventing breaches, but despite their best efforts, hackers often break through the organization’s weakest link – end user email credentials. The study, which included an analysis of 1,000 healthcare organizations, illustrates the need for proactive threat monitoring coupled with near real-time disaster recovery solutions to prevent employee email liabilities from becoming major catastrophes.
Amongst other findings the landmark study uncovered:
- 68 percent of the healthcare organizations analyzed have compromised email credentials as identified by ID Agent’s Dark Web ID analysis. Nearly 80 percent of the positive data set includes actionable password information, simplifying hackers’ efforts to infiltrate the network.
- An estimated 7,500 individual incidents occurred across the study where healthcare companies had email credentials compromised due to phishing or key logging attacks. Any one of these vulnerabilities could rapidly escalate to ransomware, denial of service attacks or PHI breaches across an entire enterprise.
- 23% of the passwords stolen were available for sale or trade on the Dark Web as unencrypted, clearly visible text. While the remainder of passwords were encrypted, the level of encryption used presents no real hurdle to professional hackers that want to crack them.
[…]
SOURCE Evolve IP