Cyberattacks have increased steadily over the past few years, with the healthcare sector emerging as a particularly lucrative target for bad actors. These compromises not only come at huge financial cost to the UK’s healthcare institutions; leaders in the healthcare sector must also address the human cost of security breaches, which often cause widespread disruption to care and place patients at risk.
Yet, healthcare providers continue to operate under tight budget constraints and limited personnel, without adequate resources to tackle the exploding cybercrime threat landscape. And as innovations develop at pace in the industry, from wearable health devices to telemedicine, IT managers are dealing with an ever-increasing number of endpoints.
From large healthcare systems to primary care practices, IT teams are often small, with one technician managing thousands of endpoints. Keeping track of so many endpoints across the network can pose challenges when it comes to patching, creating compliance and security problems. Adding to this, healthcare remains a highly distributed sector, with employees and IT assets often scattered across different estates, offices, and buildings.
Once attackers gain access to personal medical information, they can manipulate the data, cause operational disruption, and ultimately undermine public trust in an organisation. Thankfully, there are tools available for healthcare networks to reduce their attack surface and improve their ability to prevent, detect, and respond to cybercrime attacks.
Employees: the first line of defence
The UK Cybersecurity Breaches Survey, published in April this year, revealed phishing as the most prevalent type of cybercrime in the UK. And, as AI and LLMs become more accessible and widely adopted across organisations, these attacks have become increasingly difficult to spot. With 88% of data breaches caused by human error, healthcare institutions must view their employees as the first line of defence against threat actors.
Comprehensive security awareness training and education is fundamental for healthcare professionals to identify phishing attacks in the first instance. Everyone – from clinicians to administrative staff to IT admins – must develop the skills to spot, avoid, and report common tactics used by threat actors. In training sessions, it can be useful to conduct phishing email simulations, so employees can gain real-life experience of what a suspicious email might look or sound like.
Training is a fundamental step towards building a culture of security and reducing healthcare cybercrime. Alongside increased employee education around phishing, IT teams can consider limiting user access to the absolute minimum. This reduces the negative impact of a bad actor, should they assume the identity of a legitimate user.
Back to basics
Patching is a vital security tool for IT managers looking to safeguard sensitive patient information. Out-of-date operating systems and applications can leave doors open for intrusion or exploits. According to the Ponemon Institute, most data breaches (57%) can be directly attributed to attackers exploiting a known vulnerability that hadn’t been patched. To simplify system updates, healthcare institutions can consider patch management tools to automate numerous updates across all their machines. Processes such as patch auditing also make it easier to identify any failed or pending patches and continue monitoring for any incompatibility or performance issues to keep systems secure.
Security and IT teams should also consider a robust backup system to prevent loss of cloud and endpoint data in the event of a successful attack. This will ensure continued access to critical information in the face of system compromise and ransomware attempts. By backing up their data and monitoring endpoint activity, healthcare institutions can better protect themselves and keep disruption to patient care to a minimum.
A solution like automated endpoint management gives IT teams all of this in one central source of truth. It provides visibility over the full network in a single pane of glass, displaying maintenance and updates, security and backups and, most critically, a view of all endpoints that could pose a risk. It also allows IT teams to automate processes such as patching and endpoint hardening without having to manually access machines, which simplifies operations and alleviates the pressures of limited access to skills, resources, and budget.
The road ahead for cybercrime in healthcare
Whilst necessary to improve the speed and availability of diagnosis and treatment, the increasing number of endpoints in healthcare can also open more attack vectors for those looking to compromise or abuse the systems assisting in care provision. The stakes remain incredibly high. Cyber incidents not only result in huge fines for the responsible parties but can also erode public trust in the sector and put people’s data, and even lives, at risk.
For healthcare IT teams, ensuring endpoint security, reducing instances of cybercrime, and creating frictionless patient-provider relationships are non-negotiable. But effectively managing shared endpoints spread across buildings and sites, while supporting providers and staff at scale with limited resources, is no mean feat.
IT managers can lean on solutions like automated endpoint management to free themselves from manual monitoring and threat response across thousands of endpoints. These systems make it possible to detect anomalies, implement fixes, and maintain security protocols automatically. They enable IT managers to focus on what matters most: empowering healthcare providers to provide exceptional care for their patients.
By Andre Schindler, GM EMEA and SVP Global Sales at NinjaOne