The healthcare industry has received increased attention as a result of the COVID-19 pandemic. With cybercriminals making and breaking promises not to attack healthcare targets during the crisis, and the formation of teams of volunteers to protect healthcare against cyber threats, it’s become increasingly clear that cybersecurity is a growing concern in the healthcare industry.
Healthcare Cyber Risks Are Nothing New
While attention may have increased, cyber-based threats to healthcare did not start with the COVID-19 pandemic. For years, healthcare organizations have struggled with the challenges of balancing the need to focus on providing patient care with the responsibility to properly protect healthcare data and systems.
The Insecure Internet of Medical Things (IoMT)
Organizations in many industries have adopted the use of Internet-connected devices to improve operational efficiency, and the healthcare sector is no exception. The average hospital room has 15-20 Internet-connected devices, and many medical diagnostic tools are network-connected, including physiological monitors and MRI/CT/ultrasound scanners.
By connecting medical devices to the network, scans and other medical procedures can be performed more rapidly. In certain cases, this increased speed and efficiency can, quite literally, be a lifesaver.
However, Internet of Things (IoT) devices are notoriously insecure. Some botnets, such as Mirai, were built simply by logging into these devices with weak, default passwords. Others take advantage of the fact that IoT devices are rarely protected by antivirus and do not receive security updates on a regular basis. These vulnerable devices, which process valuable healthcare data, are a prime target for cybercriminals.
A Leader in Data Breaches
With a total of 521 reported breaches in 2019, healthcare has proven to be the leading sector in data breaches. The healthcare sector is a profitable target for cybercriminals because it processes a wide range of valuable information, including personally identifiable information (PII), medical records, and payment card data.
The healthcare sector is also a leader in data breaches involving insider threats. These do not necessarily involve malice on the part of the insider, as they often include breaches caused by employee negligence. The high percentage of healthcare breaches involving employees underscores the importance of better protecting the sensitive and valuable data entrusted to healthcare providers.
A Common Target of Ransomware
The original goal of ransomware was to demand ransom from a target in return for restoring access to their encrypted data. Over time, this goal has evolved to include stealing sensitive data and threatening data breaches if the target does not pay the ransom.
The healthcare sector is a perfect target for both of these types of attacks. In the medical sector, an outage of critical systems can leave providers unable to deliver critical care, so restoring operations (by paying the ransom) is a priority. Additionally, the valuable data that ransomware could steal from a hospital or other care provider’s computer could be extremely damaging if breached. As a result, ransomware attacks against healthcare have become common, with a 350% growth in the last quarter of 2019 before COVID-19 changed cybercriminals’ targets.
How MorganFranklin Can Help
The healthcare sector faces many of the same cyber threats that organizations in other industries face. However, the value of the data processed by healthcare systems and the potential impact of even small service disruptions make it a prime target for cybercriminals. In most cases, addressing the cyber risks of healthcare requires small infrastructure or procedural changes, such as properly firewalling IoMT devices, implementing strong identity and access management (IAM), and implementing a robust data backup solution.
Despite commonalities, every situation is different, and cyber solutions must be tailored to an organization’s unique environment. By partnering with a Managed Security Services Provider (MSSP), a healthcare organization receives access to in-depth cyber knowledge, personalized attention and advice, and the ability to scale its cyber defenses to address an accelerating and expanding cyber threat landscape.