"Most US Healthcare Apps Susceptible to Cyberattack"

Researchers at Outpost24 found that vulnerabilities exist in most of the web applications used by leading healthcare providers in the United States.  The researchers found that 90% of the web applications used by US healthcare operators are susceptible to cyberattacks.  The researchers assessed the internet-exposed applications of the top 20 largest pharma and healthcare organizations in the European Union and in the US to identify common attack vectors and exploitable flaws.  The researchers found that 85% of the top 20 pharma and healthcare applications had an external attack surface score of 30 or above out of 58.24. Outpost24 classified such a score as 'critically exposed,' indicating a "high susceptibility for security and vulnerability exposure." Healthcare organizations in the United States were found to be more at risk than their European counterparts.  The researchers stated that while US organizations had an average risk exposure score of 40.5, the score for healthcare organizations in the EU was 32.79.  The researchers also found that a quarter of the web applications run by healthcare organizations in the US presented a cybersecurity risk. Out of a total of 6069 web applications run over 2197 domains, 3% were considered as "suspect" by researchers, and a further 23.74% were found to be running on vulnerable components.  Although EU healthcare organizations run almost four times as many web applications as those in the US, the percentage of apps deemed to be risky was lower in the EU than in the US.  Of the 20,394 web applications run by EU healthcare organizations over 9216 domains, 3.3% were considered to be suspect, and 18.3% were running on vulnerable components.  The top three attack vectors identified across healthcare organizations in the EU and the US include Degree of Distribution, Page Creation Method, and Active Content.

Infosecurity reports: "Most US Healthcare Apps Susceptible to Cyberattack"