When attacks can threaten lives

The Healthcare industry is going through a rapid digital transformation which has made organizations extremely vulnerable to data breaches and malicious attacks. Healthcare provider’s public website, web services, and patient/provider self-service portals are critical digital channels that must be secured. Patients use their credentials to access lab results, order and update prescriptions, pay insurance premiums, and more. A breach resulting in compromised Patient Health Information (PHI) has serious ramifications for the organization.

Motivated attackers put extra effort into finding new and unexpected ways to infiltrate healthcare companies, and they won’t miss any window of opportunity.

When cyber-attackers infiltrate healthcare-related systems, they may be able to compromise and steal Protected Health Information (PHI) such as patient names, addresses, telephone numbers, medical conditions, treatments, pharmaceutical information, and insurance records. Unlike credit card information, PHI cannot be changed, which may account for its high value. In addition, information taken from healthcare services that can be used to forge medical backgrounds go for as much as $500 per listing in the dark web. Cybercriminals will continue to exploit security vulnerabilities in the healthcare industry, as there is a better chance of financial reward and return on their time investment. Whether their intent is to access patient data or collect a ransom – as long as these organizations remain easy targets, they’ll continue to be targeted. PHI is more valuable on the black market than credit card credentials or regular Personally Identifiable Information (PII). Therefore, there is a greater incentive for cyber criminals to target medical databases and sell the PHI or use it for their own personal gain.

In addition to dealing with cybersecurity threats and data breaches, the healthcare industry is also governed by the HIPAA regulatory mandate. Non-compliance with HIPAA results in significant fines, and compliance with HIPAA and other regulatory mandates is a boardroom issue.

The challenge for the healthcare industry in the years ahead is the drive to digitally transform organizations and increase automation, data, and system interoperability. But this all has to be done securely, otherwise the industry, regulators, and most importantly — patients — could lose their trust in the system.

Given the digital transformation that the healthcare industry is undergoing, many websites in the industry rely on an ever-expanding ecosystem of 3rd party suppliers to enhance and personalize user experience, increase engagement, track their customers’ journey and behaviors, and so on. These 3rd party tools offer great benefits, but also provide attackers with an attractive gateway for malicious activities such as formjacking, Magecart, JS Skimming and more. Malicious code may be injected into your website or run on end-users’ browsers without their knowledge. The more such tools are used, the more risks healthcare companies take. Instead of checking the security perimeter of any healthcare website is simply not enough. A website is affected by the security perimeter of all of the 3rd party tools it uses, and has no control over what’s happening outside the 3rd party circle: there are 4th, 5th and 6th party circles that most website owners are not even aware of.

There are many different types of attacks aimed at healthcare organizations:

  • Payment card skimming
  • Keylogging
  • Form field manipulation
  • Web injection
  • Phishing
  • Content defacement
  • Clickjacking
  • Malware and ransomware distribution
  • Watering hole attacks

Formjacking is The New #1 Threat

Formjacking and Magecart attacks can be very wide-ranged and affect millions of people at once, or they can be highly targeted and affect a very specific group of people. This is also one of the reasons it’s so difficult to detect them.

The major implications of such attacks include:

Businesses are required to meet certain standards to be considered “in compliance,” and fines can be levied against a business or its owner if it does not comply with them. 

Financial solvency:
If breached, a business has a whole host of other problems that will impact its bottom line. It may have to pay for a forensic investigation, data recovery services, credit monitoring for impacted parties, and more.

Customer trust:
Customers put a lot of trust in the online retailers they shop with, providing them with personal data and sensitive payment information with every purchase. Earning customers’ trust is critical to a long-lasting relationship, and once lost, earning it back is a very difficult task. That’s why breaches can have a big impact on long term customer loyalty and retention: 64% of consumers say that they are unlikely to do business again with a company from which their personal data was stolen.

Damage to brand reputation:
Reputation is a fragile thing. It takes years to build, and moments to destroy. When a breach occurs, the target audience feels betrayed and angry. The initial cost can be seen in the form of lawsuits, but there is a far greater cost that can last for years. Furthermore, this can negatively affect the business reputation of each person on the executive team and affect their future endeavors. Stocks drop, the team is affected, and revenues plummet. Unlike a fine, which can be paid and forgotten, reputation cannot be fixed so easily. 


Source Defense helps online retailers balance superb customer experience with critical security, without compromising website performance or stability. We create virtual pages that isolate the 3rd party scripts from the eCommerce website. The virtual pages are an exact replica of the original pages, excluding what the 3rd parties are not supposed to see. We monitor all 3rd party script activities on the virtual pages. If the activity is within the premise of what they are allowed to do, we will transfer it from the virtual page to the original page. If not, we will keep their activity on the virtual pages isolated from the user and send a report to the eCommerce website owner, alerting them of the 3rd party scripts that violated their security policy.

With attacks on eCommerce websites on the rise, ensuring that your customers’ payment and personal information is protected should be a priority if you want to avoid the implications of a data breach. Contact us to learn how the Source Defense VICE real prevention solution will protect your website from the growing threat of Magecart, formjacking, and other digital skimming cyberattacks:

  • Isolating scripts from the page
  • Evading harmful activities
  • Applying best practices
  • Securely enhancing websites
  • Keep benefiting from 3rd parties