Healthcare Suffers Most Cyber Security Incidents

The healthcare industry accounted for 26 percent of security incidents in the second quarter of 2017 according to a new report.

The study from McAfee Labs sees healthcare surpass the public sector to report the greatest number of security incidents in Q2. The health, public, and education sectors combined comprised more than 50 percent of total incidents in 2016-2017 worldwide.

McAfee has also seen a rise in social media attacks with the Faceliker Trojan helping drive the quarter's 67 percent increase in new malware samples from the social media landscape.

The second quarter of 2017 saw Facebook emerge as a notable attack vector, with Faceliker accounting for as much as 8.9 percent of the quarter's 52 million newly detected malware samples.

This Trojan infects a user's browser when visiting malicious or compromised websites. It then hijacks Facebook 'likes' and promotes the content without the knowledge or permission of the user. Doing this at scale can earn money for the malicious parties behind Faceliker as the hijacked clicks can make a news article, video, website or ad appear more popular or trusted than it really is.

"Faceliker leverages and manipulates the social media and app based communications we increasingly use today," says Vincent Weafer, vice president at McAfee Labs. "By making apps or news articles appear more popular, accepted and legitimate among friends, unknown actors can covertly influence the way we perceive value and even truth. As long as there is profit in such efforts, we should expect to see more such schemes in the future."

Other types of threat have been increasing too, mobile malware grew 61 percent over the past four quarters, new macro malware rose by 35 percent, while new ransomware grew 54 percent. Mac malware has grown at a slower rate, up just four percent in the second quarter.

Beta News

You Might Also Read: 

British NHS Sure To Be Hit By More Cyber Attacks:

Insiders Are The Cause Of Most Healthcare Breaches:

 

« US Asks China Not to Enforce Cybersecurity Law
Innovation in Cloud-Based Video Analytics »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Navista

Navista

Navista's hardware and software modules are especially designed to ease the deployment of secure networks.

CCL Solutions Group

CCL Solutions Group

CCL is one of Europe’s leading digital investigation specialists, supporting law enforcement, government and organisations across both public and private sectors.

CloudPassage

CloudPassage

CloudPassage, a cloud security and compliance pioneer, safeguards cloud infrastructure for the world’s best-recognized brands.

EuroISPA

EuroISPA

EuroISPA is a pan European association of European Internet Services Providers Associations and the world’s largest association of ISPs.

Tubitak

Tubitak

Tubitak is the scientific and technological research council of Turkey. Areas of research include information technology and security.

National Association of State Chief Information Officers (NASCIO)

National Association of State Chief Information Officers (NASCIO)

NASCIO's Cybersecurity Committee focuses helps state CIOs to formulate high-level security and data protection policies and technical controls.

Smart Payment Association (SPA)

Smart Payment Association (SPA)

Smart Payment Association (SPA) is the trade body of the smart payments industry.

Immunity Services

Immunity Services

Immunity Services offers a comprehensive range of penetration testing and vulnerability assessment consulting services.

Cyber Security Raad (CSR) - Netherlands

Cyber Security Raad (CSR) - Netherlands

The Cyber Security Council (CSR) is a national, independent advisory body of the Dutch government undertaking efforts at strategic level to bolster cyber security in the Netherlands.

Threatspan

Threatspan

Threatspan is a cybersecurity firm helping shipping and maritime enterprises achieve and maintain nautical resilience in an age of increasing cyber threats.

Halcyon Knights

Halcyon Knights

Halcyon Knights is a specialist executive search and IT recruitment agency in the APAC region. Areas of specialisation include cybersecurity.

SWAT Systems

SWAT Systems

SWAT Systems is an IT support and cyber security managed service provider.

Nameshield Group

Nameshield Group

Nameshield is one of most experienced domain name registrars, trademark protection specialists and managers of online reputational risk in the world today.

The ATOM Group

The ATOM Group

ATOM builds and secures technology for regulated industries. We design and build for a future we can all trust.

KryptoKloud

KryptoKloud

KryptoKloud offer a suite of Managed Services including Security Monitoring and Incident Response as well as a full portfolio of Compliance, Governance and Audit solutions.

IriusRisk

IriusRisk

IriusRisk is an open Threat Modeling platform that automates and supports creating threat models at design time.