Jun 30, 2020 SOURCE: PR NewsWire

Vectra research identifies new exploitable attack surface within cloud services and remote healthcare

SAN JOSE, Calif., June 30, 2020 /PRNewswire/ -- Vectra® AI, a leader in network threat detection and response (NDR), today released its 2020 Spotlight Report on Healthcare, which shows an upward trend in exploitable behaviors and discredits claims that external threats would lead to increased internal threat activity. The latest Spotlight Report on Healthcare is based on observations and data from January-May of this year using a sample of 363 opt-in enterprise organizations in healthcare and eight other industries.

The COVID-19 pandemic has sparked the global adoption of cloud services across all industries. However, healthcare has suffered the most sudden and rapid pivot to support overwhelmed infrastructure and increased collaboration using the same strapped IT and security resources.

"Healthcare providers have been tasked with quickly leveraging remote access and cloud analytics to scale their operations," said Chris Morales, head of security analytics at Vectra. "While cloud computing better optimizes the use of resources in healthcare, it also creates significant risks. This is especially true when cloud adoption happens faster than proper due diligence can be applied by information security personnel. This trend will persist well after the pandemic."

"This year we observed a stark and sudden growth in data movement outside of our organization's traditional boundaries," said David Willis, head of cyber, governance and assurance at the Greater Manchester Health and Social Care Partnership, National Health Service, in the United Kingdom. "That growth is most likely due to how the NHS has traditionally worked in siloed data centers behind a firewall and has now shifted to the COVID-19 world of cloud-based collaboration."

Security teams must now urgently grapple with where healthcare data resides and how to safeguard it. To do so requires pan-organizational cooperation among IT and security teams as well as visibility that integrates the cloud and the on-premises infrastructure to enable a truly comprehensive threat detection and response capability.

Highlights from the Vectra 2020 Spotlight Report on Healthcare
Vectra investigated network behaviors that are consistent with threats across the entire cyberattack lifecycle - botnet monetization, command and control, internal reconnaissance, lateral movement, and data exfiltration. Upon closer examination, these behaviors were found to be from cloud migration activities, and not attackers.

    --  A 38 percent increase in command-and-control behaviors from January-May
        2020, which indicates remote access of internal systems by the remote
        workforce.
    --  The doubling of data exfiltration behaviors, which indicates data
        leaving internal healthcare networks to external destinations like cloud
        services.
    --  Europe, the Middle East, and Africa (EMEA) and North America have shown
        an increase in the volume of external data movement, known as
        exfiltration. This is consistent with cloud migration.
    --  Smash-and grab behaviors have increased significantly, which can occur
        with a medical device that instantly sends large volumes of data to a
        hosted cloud site.
    --  Data smuggler activity has largely increased, which can occur when
        patient medical records are transferred to cloud storage.

From January-May 2020, the Vectra Cognito® Network Detection and Response (NDR) platform detected and correlated behaviors consistent with attacker behaviors in host devices, assigned a threat-severity score, and prioritized the highest-risk threats to healthcare. This analysis provides the context needed to better understand what data is moving to the cloud, as well as how it is being used and shared.

For healthcare organizations, the migration of data to the cloud was already in motion, and COVID-19 has accelerated this transition and the policies that govern it. NDR is an effective approach for the detection and response to attackers that circumvent or defeat defensive controls and gain an operating capability inside an organization's infrastructure.

About Vectra
Vectra(®) is a leader in network detection and response - from cloud and data center workloads to user and IoT devices. Its Cognito(®) platform accelerates threat detection and investigation using AI to enrich network metadata it collects and stores with the right context to detect, hunt and investigate known and unknown threats in real time. Vectra offers three applications on the Cognito platform to address high-priority use cases. Cognito Stream((TM)) sends security-enriched metadata to data lakes and SIEMs. Cognito Recall((TM)) is a cloud-based application to store and investigate threats in enriched metadata. And Cognito Detect((TM)) uses AI to reveal and prioritize hidden and unknown attackers at speed. For more information, visit vectra.ai.

Media contact
Allison Arvanitis
Lumina Communications for Vectra
vectra@luminapr.com

View original content:http://www.prnewswire.com/news-releases/vectra-research-identifies-new-exploitable-attack-surface-within-cloud-services-and-remote-healthcare-301085588.html

SOURCE Vectra

VECTRA

Related News

Vectra Expands Intelligent Response Capabilities

Vectra launches new advisory and operational cybersecurity services

Vectra expands global footprint through enriched channel partner program, training and growth into commercial market

Vectra security research identifies how cyberattackers use Microsoft Office 365 tools against organizations to steal data

Vectra expands intelligent cyberattack detection and response capabilities with CrowdStrike

Vectra integrates network threat detection and response for Microsoft Security Services

Vectra Mechanical and Flow Rite Plumbing Celebrates Recognition as one of Inc.com's Fastest Growing Companies in America 2023

IPM Launches Innovative Program for Rheumatoid Arthritis

View all News

Latest Procurements

Herbicide resistance status of grain and cotton cropping regions - strategic insights for RDE

Photo Award Submission Management System

Provision for a SaaS Photo Management System

Employee Assistance Program (EAP)

The procurement project NS1230 for the Employee Assistance Program (EAP) underscores ABC's unwavering commitment to employee well-being and organisational resilience. The main purpose of this project is to secure a...

View all Procurementsp

Agenda

June

FranceParc des Expositions de Paris Nord Villepinte ZAC Paris Nord 2, 93420 Villepinte – France (Halls 5a – 5b – 6)

Eurosatory 2024, 17 - 21 June 2024, Parc des Expositions de Paris Nord Villepinte ZAC Paris Nord 2, 93420 Villepinte – France (Halls 5a – 5b – 6)

Eurosatory 2024 There can be no sustainable world without peace and security. Founded in 1967, the exhibition...

May

Paris Marriott Rive Gauche & Conference Center

Future Artillery, 21-23 May 2024, Paris Marriott Rive Gauche & Conference Center, France

DELIVERING FIRES IN THE MULTI-DOMAIN BATTLESPACE As artillery reasserts itself as the ‘King of Battlefield’ in the wake...

May

United Arab EmiratesADNEC (Abu Dhabi National Exhibition Centre), Abu Dhabi, Al Khaleej Al Arabi St - Al Rawdah - Al Ma'arid - Abu Dhabi, UAE

ISNR Abu Dhabi 2024, 21-23 May 2024, ADNEC (Abu Dhabi National Exhibition Centre), Abu Dhabi, Al Khaleej Al Arabi St - Al Rawdah - Al Ma'arid - Abu Dhabi, UAE

ISNR ACCELERATING TRANSFORMATION IN THE NATIONAL SECURITY ECOSYSTEM ISNR Abu Dhabi is the region’s most trusted...

View All Events

Companies

SME Ordnance Sdn. Bhd. (SMEO)

MAFO Naval Closures B.V.

Spider S.A.

View All Companies