Healthcare Cyber Risks Are Nothing New
While attention may have increased, cyber-based threats to healthcare did not start with the COVID-19 pandemic. For years, healthcare organizations have struggled with the challenges of balancing the need to focus on providing patient care with the responsibility to properly protect healthcare data and systems.
The Insecure Internet of Medical Things (IoMT)
Organizations in many industries have adopted the use of Internet-connected devices to improve operational efficiency, and the healthcare sector is no exception. The average hospital room has 15-20 Internet-connected devices, and many medical diagnostic tools are network-connected, including physiological monitors and MRI/CT/ultrasound scanners.
By connecting medical devices to the network, scans and other medical procedures can be performed more rapidly. In certain cases, this increased speed and efficiency can, quite literally, be a lifesaver.
However, Internet of Things (IoT) devices are notoriously insecure. Some botnets, such as Mirai, were built simply by logging into these devices with weak, default passwords. Others take advantage of the fact that IoT devices are rarely protected by antivirus software and do not receive security updates on a regular basis. These vulnerable devices, which process valuable healthcare data, are a prime target for cybercriminals.
A Leader in Data Breaches
With a total of 521 reported breaches in 2019, healthcare has proven to be the leading sector in data breaches. The healthcare sector is a profitable target for cybercriminals because it processes a wide range of valuable information, including personally identifiable information (PII), medical records, and payment card data.
The healthcare sector is also a leader in data breaches involving insider threats. These do not necessarily involve malice on the part of the insider, as they often include breaches caused by employee negligence. The high percentage of healthcare breaches involving employees underscores the importance of better protecting the sensitive and valuable data entrusted to healthcare providers.
A Common Target of Ransomware
The original goal of ransomware was to demand ransom from a target in return for restoring access to their encrypted data. Over time, this goal has evolved to include stealing sensitive data and threatening data breaches if the target does not pay the ransom.
The healthcare sector is a perfect target for both of these types of attacks. In the medical sector, an outage of critical systems can leave an organization unable to provide critical care, so restoring operations (by paying the ransom) is a priority. Additionally, the valuable data that ransomware could steal from a hospital or other care provider’s computer could be extremely damaging if breached. As a result, ransomware attacks against healthcare have become common, with a 350% growth in the last quarter of 2019 before COVID-19 changed cybercriminals’ targets.