Nearly two-thirds of healthcare organizations suffered an attack on their supply chain over the last 12 months, according to a report from the Ponemon Institute and cybersecurity firm Proofpoint.
Most healthcare cyberattacks are through compromised cloud-based accounts, and the rest are from business email phishing, supply chain and ransomware attacks.
A total of 63% of healthcare IT professionals surveyed by the Ponemon Institute said their organizations are vulnerable to a supply chain attack, but only 40 percent said this threat is a concern.
Supply chain attacks typically involve someone impersonating a medical supplier and compromising an employee's email. "The attacker then observes, mimics and uses historical information to craft scenarios to spoof employees in the supply chain," the report found.
Although supply chain cyber schemes happen less frequently than cloud compromises and phishing spoofs, supply chain attacks are the most likely to disrupt patient safety and care. In the last 12 months, 77% of survey respondents said supply chain attacks hurt their organization's care delivery.
Despite this risk to patient care, only 45% of healthcare organizations are prepared to block and handle a supply chain threat.
Read more here.