Healthcare organizations are arguably the most popular targets for cyberattacks. According to the latest report by SonicWall, the healthcare industry:
In the first part of this two-part blog series, you'll learn why healthcare has come under the attackers' field of vision. Understanding this is key to identifying the vulnerabilities that the healthcare sector needs to confront. Addressing these issues will ensure the confidentiality and integrity of patient data, as well as improve patient care and save patient lives.
It is crucial for healthcare organizations to protect their data at all times, be it at rest or in transit. Even how doctors access data should be carefully monitored and controlled. The popularity of telemedicine and telehealth has made data security more difficult. IT security professionals working in healthcare have to continue being vigilant to protect patient data in their infrastructure. Since the increased use of online teleconsultation, IT teams are further challenged with ensuring endpoint security in internet-based video meetings between the doctor's office or residence, and the patient's home or other location. Insecure connections can cause a big impact for the organization, beyond privacy and security compliance issues. Attackers could impersonate patients, and under the guise of sharing a test report for consultation, could embed the file with a malware or ransomware payload that ultimately wreaks havoc on the organization's IT infrastructure.
Telemedicine aside, hospitals often have a hard time securing their data because they usually don't possess a strong IT foothold. Patient care and medical excellence are their primary concerns. That's why, when they receive funding, they often invest money on tangible things, such as medical equipment that might save more patient lives, instead of on cybersecurity. In an ideal world, this wouldn't be a problem; alas, we don't live in such a world. In the times we live in, you're likely to witness threat actors escalating the severity of their attacks to inflict maximum damage.
Data security should also become a primary concern for healthcare and healthcare-related organizations, especially since hospitals rely heavily on IoT as well. Reliance on network-based medical devices further increases the attack surface.
Medical devices are typically designed with functionality in mind, rather than security. Moreover, hospitals don't always patch or upgrade these devices, adding to their vulnerability. Attackers know this. That's why they'll exploit Internet of Medical Things (IoMT) devices to enter your network, execute malicious scripts, and escalate privileges to carry out their assault. These attacks could have disastrous consequences. For example, an intruder could carry out medjacking. Medjacking is a type of attack where hackers hijack medical devices, such as an infusion pump to increase or decrease the rate at which the drug is dispensed. This can prove fatal to the patient.
As if this weren't enough, once they've gained entry into the network, they could move laterally, escalate privileges, encrypt sensitive patient files, and demand that the hospital pay them the stipulated ransom to decrypt the files. Later, they can decide to up the stakes by threatening to leak patient files online if the hospital doesn't pay. But, some attackers don't stop there. They can show just how callous they are by contacting patients directly and manipulating them into paying a ransom. If the attacker is especially devious, they'll even sell the medical record for as much as $1,000 to an interested third party. And that's after the victim and the hospital have paid the ransom. However, ransomware attacks don't always cost people money alone; sometimes, they cost patients their lives too!
Another pain point, from a security standpoint, is the lack of trained cybersecurity professionals and cybersecurity awareness among hospital staff. The latter results in the hospital staff falling victim to social engineering attacks such as phishing, business email compromise, or scareware, thereby allowing attackers to enter the network. Moreover, apart from the lack of solid security protocols to monitor and control user access and privileges, the shortage of professionals often gives the intruders free rein once they enter the network because there typically is hardly any network segmentation done on most hospital networks.
Because hospitals are also liable for financial and legal consequences for any leak or loss of patient data due to third-party vendor breaches, it becomes imperative for hospitals and healthcare-related organizations to improve their cybersecurity posture. Third-party risk assessments and supply chain security are crucial if healthcare organizations are to protect themselves from cyberattacks and their repercussions.
In summary, healthcare is most at risk because:
To learn more about how healthcare organizations can improve their cybersecurity posture, and prevent falling victim to vicious cyberattacks, stay tuned. Thanks for reading, folks!
You will receive regular updates on the latest news on cybersecurity.
© 2021 Zoho Corporation Pvt. Ltd. All rights reserved.