Ideally, healthcare would be the last sector targeted by hackers and cyber attackers – after all, no one wants to cripple critical hospital infrastructure and play with lives. However, healthcare is still the hardest hit when it comes to the average cost of a data breach, peaking at $9.2 million in 2021.
But why healthcare?
It’s not that healthcare executives don’t want to invest in cybersecurity solutions, but there are many obstacles. The ongoing evolution of cyber attacks, aging medical infrastructure and the high market value of private patient data are some of the reasons why healthcare continues to battle cyber threats like no other.
Moreover, there is a lack of time and resources to train medical personnel on the nature of cyber attacks. While they are well trained to save lives, they are not adequately trained to understand the consequences of online risks.
After further sleuthing and sifting through various sources, we identified the most common cyberattacks that threaten healthcare.
Ransomware
Ransomware was the most common and fastest-growing form of malware in 2021, and in 2023, there are no signs of it slowing down. It is also the attack vector most frequently chosen by threat actors targeting the healthcare industry. In a typical ransomware attack, threat actors gain access to sensitive data and encrypt it, forcing victims to pay a ransom in exchange for releasing that data. Simply put, data is held hostage. Instead of paying a ransom, it is better to invest a fraction of that money in data encryption and backup tools.
Data theft
A hacker has more to gain from selling personal health information (PHI) than from selling credit card records on the black market. The average cost of one PHI record on the black market is $355. To put that in perspective, the average cost per record of credit card data is a measly $1-$2. Organizations in the U.S. can stay up to date on recorded healthcare breaches on this site. Data breaches can occur for a variety of reasons, such as weak or stolen credentials or malware.
Unauthorized access
The first and most important rule for protecting medical patient records is to secure them from the inside. This means ensuring that only a defined group of people has access: specific employees and authorized third parties. Critical PHI or personally identifiable information (PII) must be protected not only from the prying eyes of cybercriminals, but also from people within the organization who have no business handling it.
A hacked network server
Unlike IT systems in other industries, a healthcare network is a ubiquitous platform that connects different parts of a healthcare organization, including MRI machines, patient monitoring tools, workstations, operating systems, peripherals and computers. While these various components enhance the overall healthcare experience, they also increase the organization’s attack surface.
This complicated interplay of resources can lead to network blind spots, which can be a breeding ground for backdoors and vulnerabilities that hackers can exploit. To prevent this, it is recommended that healthcare networks be fortified with a combination of firewalls, intrusion prevention systems and vulnerability detection and remediation tools, while deploying a bundled endpoint management solution to improve network visibility.
Phishing
A typical blueprint of a cyber attack involves scanning the network for vulnerabilities and exploiting them to gain unauthorized access to files and information. Phishing instead exploits the biggest weak spot of all: people. Training healthcare personnel, setting up privileged access and enforcing multi-factor authentication can help control phishing attacks.
Business email compromise
This attack is a form of phishing, but it targets the employees who work at the hospital rather than the hospital network. Cybercriminals pose as someone in upper management and, using a combination of forged emails and social engineering, trick employees or healthcare departments into transferring money to the cybercriminal’s account.
Insecure servers or databases
Hospitals sometimes accidentally store patient records on a publicly accessible server, where anyone with an Internet connection can reach them. This can result in an outright security breach, putting thousands, if not millions, of PHI records at risk. Fortunately, compliance mandates ensure that healthcare organizations handle and store PII more securely.
Roundup
Healthcare organizations are becoming increasingly dependent on IT. While organizations are using advanced technologies to improve the patient experience and automate workflows, these technologies are rarely designed with security in mind. And while this may increase the attack surface, it should never be a deterrent to innovation.