By Dirk Schrader, resident CISO (EMEA) and vice president of security research, Netwrix.
Ransomware is steadily increasing each and every year, with the healthcare and hospital industries suffering among the most. In 2021, we saw that “The healthcare sector is seeing the highest volumes of ransomware attempts, averaging 109 attempts per entity, every week.”
Why is this sector being targeted specifically? They hold extremely sensitive patient data and information. Hackers are working more diligently than ever to find data, threaten hospitals and providers, and even extort individuals themselves. With such a high amount of cybercrime, how can this sector protect itself and its patients? To start, by learning about security trends and working to implement them where they can.
Here are five security trends we’ll see more of in 2022:
Cybercriminals will be increasingly greedy.
In 2022 attackers will search for new ways to monetize the access to large data troves. This may lead to changes in the tactics, techniques and procedures of threat actors. They will begin to extort individuals rather than the infiltrated companies themselves. The healthcare industry is especially prone to this trend. The data generated and held by a healthcare sector is life-changing for many people and can easily be misused.
Consider this possible scenario: by extracting and aggregating personal data about hundreds of thousands of diabetic patients (34.2 million people alone are diabetic in the US), threat actors might try to ‘offer’ cheaper drugs to the individual patients, extracting money from a highly vulnerable group. If such a scheme can trick, let’s say, ten thousand victims to pay $500 for Insulin (instead of about $1,000 on average), the amount of money on the table is substantial.
Medical device IoT will create more security gaps.
More and more medical devices are being connected using vulnerable IP stacks or old webserver packages which cannot be easily patched as it would jeopardize the devices certification for medical use. In 2017, around 10 billion medical devices were connected to the internet, with an expected jump to 50 billion by 2027. While this connectivity has created so much opportunity for advances in the medical field, it has also created a new set of vulnerabilities.
Frequently, the task of configuring a medical device is considered done when it operates within the parameters of the medical process it is supposed to support or enable. Any additional security aspects are overlooked and often neglected. As long as these medical and IoT devices remain unmanaged, unmonitored and improperly updated, this exposure risk will continue to be exploited by threat actors throughout 2022 and beyond.