25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

DDoS and Healthcare Web Application Attacks on the Rise

Posted By on Sep 30, 2016

There was a threefold increase in attacks on healthcare web applications from the second quarter of 2015 to Q2 2016, according to a new report from content delivery network and cloud services provider Akamai Technologies. From Q1 to Q2, 2016, web application attacks increased by 14%. There was a 197% increase in web application attacks sourcing from Brazil, while attacks sourcing from the United States fell by 13%.

The US was the most targeted country in Q2, 2016. 64% of attacks were conducted on organizations in the United States, compared to 60% of attacks in Q1.

Most web application attacks were conducted on organizations in the retail, hotel & travel industries. 0.31% of web application attacks were conducted on the healthcare sector in Q2, 2016. That corresponds to 899,827 attack triggers. According to Akamai, the healthcare industry is being increasingly targeted as attackers attempt to get hold of valuable health data.

There was also a 129% increase in total DDoS attacks in Q2 2016 compared with Q2, 2015, and a record number of NTP reflection attacks occurred – up 276% in Q2, 2016 compared to Q2, 2015. Infrastructure layer attacks were 151% higher and UDP flood attacks were up by 70%. DDoS attacks increased by 9% from Q1 2016 to Q2 2016.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

There was a significant reduction in median attack bandwidth, which fell by 36% compared to last quarter. The largest DDoS attack recorded by Akamai was 363 Gbps, which was one of two 300 Gbps+ attacks recorded in Q2. 12 attacks exceeded 100 Gbps.

There was no statistically significant change in the number of DDoS attacks conducted per target, although numbers fell from 29 to 27 from Q1 to Q2 this year. In Q1 2015, there was an average of 17 DDoS attacks per organization and an average of 24 attacks per organization in Q2, 2015. While the average number of attacks per organization dropped slightly, large organizations are still being heavily targeted. Akamai reports that one target suffered 373 separate DDoS attacks in Q2. According to the report, it is probable that DDoS attacks will continue to increase.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist