Other sectors, including those with sensitive data such as financial services, experienced roughly the same number of attempted hacks as before. Conversely, the last quarter of the year saw an average of 13 400 attempts to hack healthcare organizations, compared to an average of 6,500 in the first nine months.
Many of the attacks were attempted SQL injections, and attacks from the Butterfly/Mariposa botnet, according to researchers working for SecureWorks.
Healthcare information is a gold mine to criminals, who can harvest and sell the information in online black markets. A hack on a healthcare organization can also be easier than that for other sectors because of the increased attack surface, SecureWorks warned.
"Because of the nature of their business, healthcare organizations have large attack surfaces," said SecureWorks in an analysis of the healthcare attack figures. "Healthcare entities have to provide access to many external networks and web applications so as to stay connected with their patients, employees, insurers and business partners. This increases their risk to cyber attacks."
The healthcare sector faces increasingly stringent security challenges thanks to US legislation. As part of a broad approach to healthcare reform, the Obama administration is advocating a modernization of the healthcare system, and a move to electronic patient records. This has been complemented by the Health Information Technology for Economic and Clinical Health (HITECH) Act, which formed part of last year's stimulus package legislation. HITECH imposed a raft of new privacy and security requirements on healthcare companies.