With new threats and challenges emerging in the digital world every day, maintaining optimal IT security has become a daunting task for any organization. More than ever before, healthcare organizations are feeling the heat from regulators regarding cyber security. In this blog post, we look at some of the top healthcare IT security tips you should know to keep your organization safe from cyberattacks.
With more than one billion records being compromised every year, data privacy and protection is a topic that cannot be ignored anymore by any organization without risking its reputation significantly. Considering how many patient records are digitized these days, it’s not surprising that hackers are increasingly targeting healthcare companies with ransomware attacks or other ways to get access to confidential information.
Know Your Employees And Monitor Behavior
Healthcare organizations often deal with extremely sensitive data, and thus it’s important that your employees are aware of what information is private and what information can be shared publicly. It’s also important to keep an eye on how your employees are using their devices at work.
If you notice that someone is downloading files from the network that they shouldn’t be accessing, it might be an indication of malicious behavior. It’s also important to keep an eye on the devices your employees are using. If your organization has BYOD (Bring Your Own Device) policies, it’s important to make sure that those devices are secured against malware or other threats.
Ensure Strong Passwords And Network Security
While there are many different ways for cybercriminals to break into your network, weak passwords remain a commonly exploited vulnerability. It’s important to make sure that your employees are using strong passwords containing a combination of letters, numbers, and symbols.
To avoid having to reset passwords on a regular basis, it’s a good idea to suggest the use of password managers. Another important network security tip is to implement two-factor authentication (2FA) for all critical systems. This will help to prevent unauthorized users from accessing sensitive data.
Many cyber gangs list ‘medical organizations’ as non-targets. But, that hasn’t stopped them from executing attacks on hospitals, health delivery organizations, pharmaceutical companies, and other entities in the sector.
Since 2020, the health sector has seen a rapid rise in cyberattacks. Ransomware has been the main form of attack.
Cybercriminals have claimed that healthcare providers have only been collateral victims. Yet, some have deliberately targeted hospitals to obtain classified medical records, transactions, and other sensitive patient data. This article will uncover the main cybersecurity challenges facing the healthcare industry, as well as some solutions to the main threats.
Top Cybersecurity Challenges for Healthcare Organizations
Ransomware
Ransomware gangs have stepped up their attacks on critical national infrastructure, including healthcare.
A survey from 2021 interviewed 597 health delivery organizations. 42% of them reported being victims of at least two ransomware attacks in previous years.
Ransomware is usually distributed through phishing emails containing trojan viruses. The attackers disguise the virus as a link or attachment. When a user clicks the link or downloads the attachment, the trojan is ready to strike.
By Devin Partida, technology writer and the editor-in-chief, ReHack.com.
The medical industry’s growing reliance on digital technologies has come with some increased risks. That became painfully evident for thousands of patients in the wake of a recent ransomware attack on CaptureRX, a healthcare administrative service provider.
On February 6, hackers accessed sensitive patient data from multiple CaptureRX clients, affecting at least 1 million people. The company started investigating after noticing unusual activity, and by February 19, it could confirm that someone had stolen patients’ personally identifiable information (PII). CaptureRX started alerting affected clients on March 30, and the full scope of the incident is still unclear.
Health IT’s Growing Ransomware Problem
This is far from the first instance of a ransomware attack on a health IT company. Ransomware as a whole has become much more common in the past few years, and medical businesses are more at risk than most. Hospitals have more to lose in these attacks, given the sensitive nature of their data, so a successful breach could be more profitable for hackers.
In 2020 alone, there were 92 ransomware attacks against healthcare organizations, affecting more than 18 million patient records. That represents a 60% increase over 2019 in the number of attacks and a 470% increase in records affected. Since 2016, these attacks have cost the industry more than $31 billion.
The CaptureRX attack is the latest in a troubling and growing trend of ransomware attacks against health IT. If industry leaders aren’t already aware of this problem, the sheer size of this incident will likely get their attention. With these attacks becoming more frequent and expensive, the sector will likely shift in response.
The COVID-19 pandemic has created a number of personal health data challenges for both healthcare organizations and private businesses alike. From vaccine passport requirements and businesses handling incredibly sensitive information on their employees, to healthcare workers accessing sensitive patient data while working from home, the health crisis has created unprecedented data security and compliance challenges for employers and healthcare providers.
COVID-19’s Impact on Data Security
When COVID-19 first hit, many healthcare organizations shifted to a partially remote workforce overnight. This meant that healthcare administrators were using personal devices and had access to systems and data that they previously could only access on their employers’ network. The focus was on productivity and business continuity, not cybersecurity.
However, over a year later, we are still using this makeshift IT environment and the increased cyber risks have not been addressed. By accessing patients’ private healthcare information from personal devices or home networks, administrators are doubling or tripling the risk of a breach.
Why Do Criminals Want Healthcare Data?
There are several regulations designed to protect personal data, but health data presents unique challenges. For example, if my credit card were stolen, I can be assured that PCI would cover any losses due to my banks’ contractual obligations with credit card companies. However, my health data – including DNA, disease history and medical conditions – are fully unique. No one can reimburse me with a new set of personal health information!
Criminals understand this, which has led to a rise in personal health data being stolen. Many hackers are now breaching health systems’ networks for personal information, and demanding ransom from individuals to keep that data private.
Furthermore, healthcare workers have been under increased pressure due to the pandemic, which has made hospitals and health systems a more appealing and “softer” target for hackers.
Response from Sarah Johnson, RN and the health ambassador, Family Assets.
I’m an RN and the health ambassador for Family Assets, an eldercare and senior living resource for older adults and caregivers.
Working in eldercare and watching how telehealth technology has radically reshaped geriatric care during the pandemic, I think the most important question healthcare technology professionals should be asking themselves right now is: given that hospitals and healthcare facilities have been prime targets for cybercriminals, largely because of aging infrastructure, what needs to be done to make the rapidly expanding healthcare tech industry more secure?
I think the obvious answer to this is the development of much more robust digital security protocols at individual institutions and a massive educational initiative for healthcare providers and workers. This should include, among other things, scheduled stress testing that probes for cybersecurity vulnerabilities.
Too many organizations, within and outside of healthcare, are completely unprepared for the cyberthreats they face and are not diligent enough when it comes to monitoring and probing for weaknesses.
All healthcare technology professionals should have this issue front and center
Netwrix, a cybersecurity vendor that makes data security easy, released predictions about key trends that will impact organizations in 2021 and beyond. Most of them arise from the digital transformation and new workflows required by the rapid transition to remote work in 2020.
Ilia Sotnikov, cybersecurity expert and Netwrix vice president of product management, recommends that IT and security professionals refine their risk management and business continuity strategies with these seven predictions in mind.
Ransomware will do more damage to motivate payments
Next-gen ransomware will be designed to do damage that is more difficult to recover from in order to force organizations into paying the ransom. One example is “bricking” devices by modifying the BIOS or other firmware. Cybercriminals will also be expanding to new targets, such as operational technology and IoT devices, which may have a much more visible impact on the physical world.
Cloud misconfigurations will be one of the top causes of data breaches
A lack of clear understanding of the shared responsibility model due to the rapid transition to the cloud will backfire in 2021. The speed of transition coupled with prioritizing productivity over security has made misconfigurations inevitable, resulting in overexposed data.
Hackers will increasingly target service providers
The shortage of cybersecurity experts will lead more organizations to turn to managed service providers (MSPs). In response, hackers will conduct targeted attacks on MSPs in order to get access to not just one organization but all of the MSP’s customers.
The rapid digital transformation in 2020 will have a delayed impact on cybersecurity in 2021
In 2020, organizations were forced to quickly adapt to new ways of working and implement new technologies; and through their own admission via the upcoming Netwrix survey with little experience and nearly no time for planning and testing. In 2021, the security gaps caused by the inevitable mistakes during this rapid transition will be exploited, and we will see new data breach patterns like the recent Twitter hacks.
The coronavirus pandemic has impacted us profoundly as most nonessential businesses stay closed, and the nations worldwide stay indoors. The hospital staff is under tremendous stress, and all non-critical medical treatments and procedures are on hold until further notice. The pandemic has halted all industrial activity, and the medical field, the frontline warrior against the virus, has been disrupted the most.
Sadly, whether an opportunistic trend or organized crime, critical situations have always given criminals a favorable moment to strike. Owing to their large payouts and increased public interest in it, medical facilities have emerged as a prime target.
Healthcare: A target of organized fraud
While the health sector has always been a dominant area in case of fraud, the situation intensified after the COVID-19 outbreak. One of the biggest battles that the medical facilities needed and still need to combat is the trafficking of substandard and falsified medical products. These items usually included hand sanitizers, test kits, face masks, and other medical equipment. As the demand for such products spiked, criminal activities attempt to take advantage of the public health system’s capacities.
Besides this major threat, healthcare facilities need to prepare their infrastructure for various cyberattacks. The COVID-19 lowered the resistance of many facilities. INTERPOL reports a significant increase in the number of ransomware attacks against companies and organizations that battle the COVID-19 crisis.
Ransomware virus is one of the deadliest infections as it is capable of stealing or encrypting medical data. Then, if facilities want to retrieve the decryption key or prevent the data from being disclosed publicly, they need to pay large ransoms. During this situation, when hospital staff needs to have access to medical records and patient histories, losing all this confidential data can lead to death. Hence, hospitals need to consider whether their infrastructure is capable of resisting a ransomware infection. One of the options is to perform frequent penetration tests. They help organizations discover their weak points and evaluate the resistance against cyberattacks.
By Justin Fier, director of cyber intelligence and analytics, Darktrace
As the healthcare sector struggles against the COVID-19 crisis, working tirelessly to protect staff and patients while struggling with worsening economic realities, cybercriminals around the world are seeing a golden opportunity to attack.
Overwhelming demand, exhausted staff, IT teams pulled in multiple directions, and a critical reliance on technology to treat patients mean that adversaries have never had more opportunity or incentive to attack healthcare organizations.
By locking healthcare providers out of critical systems at this critical time, attackers can force them to pay a ransom to recover access or face adding to the already grim death toll.
Recently, an advisory was jointly issued by CISA and the UK’s National Cyber Security Centre (NCSC). This joint alert stemmed from the increase in state-sponsored attacks against organizations connected to COVID-19 research and response. These include pharmaceutical companies, hospitals, government agencies, research institutes, and more.