Almost half (48%) of healthcare organizations have experienced at least one cybersecurity incident over the past year, with each incident costing an average of $7.42 million—higher than in any other industry. Healthcare is a top target for cybercriminals owing to the extremely high value of patient data for identity theft and fraud, as well as the significant pressure to pay ransoms to restore life-critical services. The healthcare industry is vulnerable to numerous threats, including legacy systems, the interconnectivity of medical devices, and underfunding. Attackers know that, when it comes to patient health and well-being, healthcare providers will do whatever it takes to avoid disrupting patient care, including acceding to high ransom demands.
Major Healthcare Breaches in Recent Years
Some of the biggest healthcare breaches over the past two decades reveal exactly why in healthcare managed security needs to be a priority. In 2015, for instance, Medical Informatics Engineering (MIE), a developer of electronic medical record software, experienced a data breach impacting at least 11 of its healthcare provider clients. The breach occurred when cybercriminals used a compromised username and password and obtained undetected access for 19 days. Compromised data included patients’ names, telephone numbers, mailing addresses, security questions and answers, dates of birth, social security numbers, lab results, diagnoses, health insurance policy information, medical conditions, and more. MIE was slapped with a $100,000 fine for breaching a HIPAA security rule, which specifies the requirement for thorough risk analysis to discover potential breaches. This attack is one of many that exposed patients to privacy breaches and the risk of identity theft.
Cybersecurity Threats Affecting Healthcare
There are five main threats to cybersecurity in healthcare: malware or ransomware, data breaches, phishing, medical device vulnerability, and insider threats. For instance, malware and ransomware can lock critical systems, preventing patients from receiving the care they need. A recent example is the ransomware attack on the pathology services provider Synnovis. The attack disrupted blood tests and transfusions, delaying essential cancer treatments and surgical procedures at various hospitals. Cyberattacks on medical devices are just as dangerous, as they can disrupt life-saving functions such as pacemakers and ventilators, cause treatment delays, lead to incorrect diagnoses, and force entire service shutdowns at hospitals and clinics.
Key Steps to Take to Guarantee Safety
To prevent cyberattacks from compromising patient privacy and safety, a multifaceted approach is necessary. These include taking regulatory compliance (including HIPAA and GDPR) seriously, conducting frequent risk assessments to identify system vulnerabilities, encrypting information and imposing stricter access controls, investing in employee training, and developing detailed incident response plans. Healthcare organizations and governments must account for new challenges, including the vast number of interconnected devices (IoT), the popularity of cloud computing, and the proliferation of mobile and health apps. Organizations must adopt cutting-edge technologies that enable users to access data in the cloud without compromising sensitive patient data. Just a few technologies that can be used to address these vulnerabilities include homomorphic encryption (which allows users to share encrypted data to third-party providers without allowing the latter to decrypt patient data), AI security techniques (to detect and respond to threats more swiftly), and blockchain (which enables organizations to decide who can access patient records and prevents data from being altered).
Healthcare is among the most vulnerable industries to cyberattacks, including ransomware and malware. Health organizations are targets owing to the sensitive nature of the data they possess. Cyberattacks can disrupt patient access to critical medical care and expose data that can be used for identity theft. As such, organizations must adopt a multifaceted cybersecurity strategy and adapt to emerging technologies such as AI and cloud computing.
