5 biggest healthcare security threats for 2021

CSO News –

Healthcare organizations can expect ransomware, botnets, cloud misconfigurations, web application attacks, and phishing to be their top risks.

Consumers are more worried now about their protected health information (PHI) being compromised, thanks to high-profile breaches like Anthem and Allscripts. The recent RSA Data Privacy Report surveyed 7,500 consumers in Europe and the US. It showed that 59 percent of the respondents were concerned about their medical data being compromised. Thirty-nine percent were worried that a hacker would tamper with their medical information.

They have good reason to be concerned. Healthcare as an industry continues to be a prime target for hackers, and there is a significant risk from internal threats, too.

Why healthcare is a target for hackers

Healthcare organizations tend to have a few attributes that make them attractive targets for attackers. A key reason is the number of different systems that are not patched regularly. “Some of them are embedded systems that, due to the way the manufacturer has created them, can’t be easily patched. If the healthcare IT department were to do so, it would cause significant problems with the way the vendor can support them,” says Perry Carpenter, chief evangelist and strategy officer at KnowBe4.

The critical nature of what healthcare organizations do puts them on the radar of attackers. Health data is a valuable commodity in the cybercriminal world, and that makes it a target for theft. Because of what’s at stake—the well-being of patients—healthcare organizations are more likely to pay ransomware demands.

Cyberattacks targeting the healthcare sector have surged because of the COVID-19 pandemic and the resulting rush to enable remote delivery of healthcare services. Security vendors and researchers tracking the industry have reported a major increase in phishing attacks, ransomware, web application attacks, and other threats targeting healthcare providers.

The trend has put enormous strain on healthcare security organizations that already had their hands full dealing with the usual volume of threats before the pandemic. “The healthcare industry is under siege from a range of complex security risks,” says Terry Ray, senior vice president and fellow at Imperva. Cybercriminals are hunting for the sensitive and valuable data that healthcare has access to, both patient data and corporate data, he says. Many organizations are struggling to meet the challenge because they are under-resourced and rely on vulnerable systems, third-party applications, and APIs to deliver services.

Ray and other security experts identified multiple issues that present major threats to healthcare organizations. Here are five of them:

1. The rising ransomware threat

Ransomware has emerged as one of the biggest cyber threats for the healthcare sector since at least the beginning of the global COVID-19 pandemic. Attackers have discovered that healthcare organizations delivering vital, life-saving treatments can be more easily extorted than ransomware victims in almost every other sector. Many healthcare organizations are also more susceptible to attacks because of new digital applications and services they have had to launch to address demand for telehealth services, contact tracing, and in some cases to support research activity around COVID-19 vaccines and treatment. Concerns over the trend prompted the US Cybersecurity and Infrastructure Security Agency (CISA) to issue a rare warning to the healthcare industry last October.

Security vendor Tenable recently analyzed data associated with 293 publicly disclosed healthcare data breaches between January 2020 and February 2021. Ransomware was identified as the primary cause for nearly 55% of the breaches for which a root cause was disclosed. There have already been some 56 publicly disclosed breaches this year, as of March 1. Recent victims include Allergy Partners of North Carolina, which was hit with a $1.75 million ransom demand; Rehoboth McKinley Christian Health Care of New Mexico; and Ireland’s public health system, which had to cancel or reschedule thousands of appointments and surgeries after attackers locked some 2,000 patient-facing systems.

The single biggest risk today in healthcare is having electronic health records (EHRs) and systems, says Caleb Barlow, president and CEO of CynergisTek. “Past attacks have shown when a hospital undergoes a ransomware-induced lockdown period, access to EHRs is shut down, and patients may have to be diverted for care,” he says. Such attacks can prevent access to critical prescription information and dosing for patients with complex, chronic conditions like diabetes or cancer. Worse, hackers can potentially take it a step further and manipulate health record data to undermine patient care, he says.

Historically, healthcare institutions transferred this risk to cyber insurance, but that is becoming more difficult because insurers are making it harder for organizations to purchase ransomware protection without specific controls like multi-factor authentication and endpoint detection and response technologies, Barlow says.
