With the changing nature, depth and consequences of cyberattacks in healthcare, preventing, monitoring and managing those threats requires a new approach. In the digital transformation of the healthcare sector, it is not just data that is at risk: threats to everyday healthcare operations have threatened the momentum for digital health transformation. For cybercriminals, the healthcare industry is a prime target, a golden goose. The healthcare industry’s growing use of connected medical devices, equipment and other IoT devices also means there are many new risks and endpoints to manage and secure. There have been more than 200 individual ransomware attacks on healthcare organizations since 2020. This makes medical facilities a prime target for ransomware attacks. At the core of the increased risk to healthcare organizations is the richness and uniqueness of the information that health planners, doctors, hospitals and other providers handle. Apart from typical financial fraud, there is also the possibility of medical insurance fraud or, in the case of providers, attacks on computer-controlled medical devices, as reported by Beyond Security.
In terms of technical capabilities, the healthcare industry is behind other industries in protecting its infrastructure and electronic protected health information (ePHI), as commonly seen in the use of outdated clinical technology, insecure network-enabled medical devices, and an overall lack of information security management processes. Some organizations may not realize the sophistication of hackers and their means to infiltrate confidential patient data networks. Interconnectivity of data in the healthcare sector holds huge promise for health outcomes, improving both quality and efficiency of medicines.
Secondly, many healthcare providers outsource services such as HIMS, payroll and web development to third-party vendors. These vendors often have access to sensitive information, which can be more vulnerable to attack outside the organization, particularly if the healthcare provider doesn’t have full visibility into how a vendor manages security.
Hospitals and the healthcare industry continue to be a prime target for ransomware. The FBI warns of a threat against the healthcare sector from Ryuk ransomware, one that has already affected some hospitals. Security experts report that this latest attack has already hit at least four hospitals and could affect hundreds more. In Pune, too, we have recently come across a data breach in hospitals. It attacked four different servers at a time. Many cases are happening across the globe, but they have not been reported to the public, for fear of loss of business and reputation.
The risks associated with interconnectivity are also of great concern. The evolving threat landscape, where cyber-attacks today are more sophisticated and well-funded, has increased the value of compromised data on the black market. Cyber threats to healthcare facilities can be divided into two categories: untargeted attacks and targeted attacks. Untargeted attacks do not discriminate between assets. Therefore, adversaries first choose the targets that maximize their gain/cost ratio. That way, a high profit is generated with the least effort. Untargeted attacks could also be directed against patients. Targeted attacks, on the other hand, have specific assets in the crosshairs.
The reason this sector is targeted is that when cyber attackers see key healthcare businesses pay the ransom, they see the enormous potential of getting rich, without caring about the damage they may do. As healthcare organizations pay ransoms and the large dollar amounts they pay are highlighted in the news, this becomes an indication that this is a sector that is willing to pay.