The company suggested that healthcare providers must take measures to minimise vulnerabilities. Credit: Irwan iwe on Unsplash.

A new report by cyber assessment company Outpost24 has found that 90% of the web applications used by the US healthcare operators are vulnerable to cyber-attacks.

The company recently published the results of its 2021 Web Application Security for Healthcare report, which assessed the top ten healthcare providers in the US.

Go deeper with GlobalData

Premium Insights

The gold standard of business intelligence.

Find out more

According to the report, majority of the healthcare providers had an external attack surface score of 30 out of 58.4. The figure is classified by the company as ‘critically exposed’ indicating high susceptibility.

Outpost24 used its external attack surface management tool to determine the scores and evaluate the security exposure of healthcare providers’ web services.

The report found that US entities had a larger attack surface with an average risk exposure score of 40.5 compared to their counterparts in Europe. The European Union pharmaceutical companies had a score of 32.79.

The tool is said to have been designed to make assessments considering various factors such as applications per page, usage of outdated software components as well as what vulnerable third-party software it is using.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

The report further said that top ten US healthcare organisations operate 6,069 web applications on 2,197 domains, of which 3% considered as ‘suspicious’.

Additionally, the report underlined that 24% of these applications run on old components.

Outpost24 suggested that healthcare providers must take measures to minimise vulnerabilities and work to minimise overall attack surface.

Outpost24 security researcher Nicolas Renard said: “It’s paramount the healthcare organisations carry out the necessary due diligence to continuously evaluate their internet exposed security perimeter given the highly sensitive information stored.

“Any kind of data breach and downtime for healthcare organisations can be fatal, therefore they must take a proactive stance to identify and mitigate potential security issues before critical care can be impacted.”