The HHS Health Sector Cybersecurity Coordination Center issued an alert July 21 about an increase in web application attacks on the healthcare sector.
Five things to know:
- Web application attacks are conducted by financially motivated cybercriminals and state-sponsored hackers.
- Web application attacks are the No. 1 avenue of breach for healthcare attacks, according to the 2022 "Verizon Data Breach Investigations Report."
- Web application attacks target web servers accessible from the internet and use stolen credentials to gain access to the application or exploit vulnerabilities in the application or underlying architecture.
- These attacks are conducted to gain access to sensitive data and to access applications and networks for espionage or for extortion.
- The HHS recommends implementing web application firewalls, security testing and secure development testing to curb and protect against web application attacks.