The healthcare industry has been under immense pressure over the past few years. Medical professionals have been at the forefront of the fight against the Covid-19 pandemic, battling one of the deadliest viruses seen in decades. Many hospitals were overcapacity, with medical professionals struggling to make it through exhaustive shifts. With the healthcare industry at its most vulnerable, cybercriminals saw this as an opportunity to attack.
Rise in attacks on the healthcare industry
In recent years, digital technology has been widely adopted in healthcare and this has provided great opportunities to further healthcare and services to patients. It also means these institutions hold copious amounts of sensitive data, such as patient information like medical records, addresses, laboratory tests in addition to a variety of essential medical machinery, such as life support machines and IVs. However, it presents enormous risks in protecting data and maintaining critical systems from being disrupted by cyberattacks. In fact, in 2020, 92 ransomware attacks affected over 600 healthcare organizations, exposing more than 18 million patient records and costing an estimated $20.8 billion.
Additionally, hospitals are particularly attractive targets for cybercrime as they hold the same amount of financial data as banks. Both organizations retain customers’ personal addresses, dates of birth, and most importantly payment details, all of which are extremely sought after by cybercriminals. Yet, the healthcare sector only has a fraction of the security protection of banks, while suffering from an increased lack of visibility into their IT, Operational Technology (OT) and Electronic Healthcare Record (EHR) environments.
Furthermore, because cyberattacks have become such a problem within the healthcare industry, in the UK, The National Cyber Security Centre has also issued continuous warnings and support to organizations within this sector to remain vigilant of cybercrime. We saw the catastrophic impact a cyberattack had on Ireland’s health service which led to downed systems and cancelled appointments in late May this year.
Complex healthcare security systems with a fraction of the support and resources
Healthcare organizations are also easy prey for attackers as they have complex environments which are extremely difficult to secure. To further complicate matters, they often lack the resources and bandwidth to effectively secure them. In essence, healthcare organizations have three different layers of technology within a single infrastructure.. Firstly, there is traditional IT, such as laptops or desktops, and secondly, there is OT, such as clinical and medical devices.
This type of environment is similar to that found in other industries, such as manufacturing. However, in manufacturing, they will have IT systems in their offices and OT systems on their shop floors or in the field. This makes it easy for them to segment the responsibility of managing one kind of technology in a single location. However, in healthcare, a hospital will have IT and OT in the same room rather than separate locations, making it more difficult to secure as a whole.
On top of this, hospitals also utilize Electronic Health Record (EHR) systems, which collect and store all of the patients’ health information, acting as the operating system for the entire hospital. When all three of these technologies are meshed within a single environment, it creates security gaps as very few security solutions offer insight into all three technologies.
Virtual Care also includes security
The healthcare industry is undergoing a digital revolution. If securing IT, OT and EHR systems was not complicated enough, the advent of telemedicine has only complicated matters further. Telemedicine has seen exponential growth in recent years with 76% of U.S. hospitals already connecting with patients and consultants using videos or other technology, while six in ten healthcare organizations are already using IoT. With more technology and connected devices introduced into medical environments, there are more entries of attack for cybercriminals.
In addition to telemedicine, the introduction of 5G has also welcomed a world of opportunities for hospitals. 5G can allow technology to run up to 100 times faster than current cellular connections, changing how medicine is delivered. By using 5G, medical professionals will be able to send large files, such as patient scans and health records within seconds rather than hours, doctors can perform less invasive treatments and medical systems will be able to deliver remote monitoring to more patients due to 5G’s lower latency and higher capacity.
However, 5G not only introduces new opportunities to medical professionals and their patients. It also creates new opportunities for cybercriminals as well. As medical professionals start to favor 5G over the hospital’s secure Wi-Fi network, more sensitive activities, data, and devices will be available outside of the hospital’s operating systems making it more difficult to protect. Furthermore, the likelihood of using insecure networks and unmanaged devices also increases, which will present privacy and compliance hurdles
As digital transformation continues to sweep across the healthcare sector, medical environments and endpoints will become a significant target for hackers. Moving forward, security professionals must question their own assumptions and views of cyber threats in order to stay a step ahead of attackers. Healthcare organizations have a duty to care for their patients and that includes protecting their sensitive information and having the necessary visibility across devices and networks. This requires a dedicated endpoint security with secure access edge security (SASE) that will protect the healthcare organization’s staff, patients, devices and information.
