Healthcare industry sitting on ticking time bomb of web application attacks

Cybersecurity Dive

Samantha Schwartz

As the healthcare industry rose to the challenges of the pandemic, bad actors kept pace. General physician offices adopted more third-party solutions and JavaScript APIs to provide more telehealth services, expanding their original attack surface.

Organizations use local applications as web applications through browsers, and every addition of a new application increases the number of targets for hackers. Common code is recycled, which makes preventing injection attacks challenging. XSS attacks, for example, offer boundless exploitability.

The spike in web application attacks directly correlates with how "many of the COVID-19 mitigation efforts are powered by new web applications and services," said Terry Ray, SVP and Fellow at Imperva, though the company can't exactly pinpoint why the rise in attacks coincide with vaccine distribution.

"It would not be unreasonable to believe that...

Get the Morning Update

Thanks for subscribing!