By By Dan Hounsell

IT managers continue to battle seemingly endless waves of email hacks and ransomware targeting patient data. Covenant HealthCare recently confirmed that an unauthorized individual gained access to two employees' email accounts, potentially exposing about 45,000 patients' information. In response to the attacks, the nonprofit Center for Internet Security recently launched a no-cost ransomware protection service for private U.S. hospitals.

Now, research from CybelAngel takes a look at the way cybercriminals plan healthcare-related fraud, ransomware and other attacks by obtaining stolen credentials, leaked database files and other materials from specialized sources in the cybercrime underground, according to Security. Analysts describe the way the ongoing COVID-19 pandemic’s strain on hospitals, coupled with the healthcare industry’s porous cybersecurity defenses, give criminals the ability and resources to launch lucrative intrusions.

“While the volume and stakes of these attacks can feel overwhelming, our research shows that sealing off a few specific types of exposed data could have a meaningful effect by disrupting the supply chains adversaries rely on to execute these attacks," said a CybelAngel official.

Among the findings: Attackers combine credential-stuffing with third-party access to beat detection. Many breaches and ransomware attacks are traced back to compromises of third-parties the healthcare sector relies on for software, tech support, billing, and data reporting.

Click here to read the article.