As part of our ongoing series, we wanted to dive into cybersecurity in healthcare, including the threats and opportunities the healthcare industry is facing.
When you think about healthcare, you may immediately think about the “HIPAA Security Rule” and “electronic protected health information,” but there is a lot more to the healthcare industry and its unique cybersecurity needs. Let’s dive in.
Why Is Cybersecurity Important in Healthcare?
According to the Cybersecurity Guide:
Healthcare organizations are attractive targets for cybercriminals for three main reasons:
- Criminals can quickly sell patient medical and billing information on the darknet for insurance fraud purposes.
- Ransomware’s ability to lock down patient care and back-office systems make lucrative ransom payments likely.
- Internet-connected medical devices are susceptible to tampering.
In addition to the typical business, financial, and personal concerns that cyber threats give to most businesses in other industries, the healthcare industry has the added concern of the health and safety of patients.
With patient health being the number one priority of healthcare organizations, it makes sense to have cybersecurity be equally as important – but, it often isn’t.
Top Cybersecurity Issues in Healthcare
Basic Web Application Attacks
According to the 2022 Data Breach Investigations Report by Verizon, basic web application attacks are the most popular type of cyber attack in the healthcare industry. The report defines “web application attacks” as “attacks [that] are against a Web application, and after initial compromise, they do not have a large number of additional Actions. It is the ‘get in, get the data and get out’ pattern.”
This makes sense because many healthcare organizations – from hospitals to private practices – use web applications to collect and share data about and with their colleagues and patients. This also means that cybercriminals can gain sensitive data without being noticed unless the organization is actively monitoring and mitigating threats like these.
According to the 2022 Data Breach Investigations Report by Verizon, 39% of threat actors are internal and 29% of the data that is compromised are credentials. Unlike previous years, most of these insider breaches are not malicious. Instead, employees “are more than 2.5 times more likely to make an error than to maliciously misuse their access. Misdelivery [sending something to a wrong recipient] and Loss are the most common errors.”
Arguably, the most challenging aspect of these errors is that there is no malicious intent. Healthcare employees are simply making mistakes and causing potentially irreparable damage.
System intrusion attacks are likely the most commonly known cyber attacks that the general public is aware of. According to the 2022 Data Breach Investigations Report by Verizon, system intrusion attacks are “Complex attacks that leverage malware and/or hacking to achieve their objectives including deploying Ransomware.”
One would think that with understanding would come proactive defense, but this is not happening in the healthcare sector.
According to HIPAA Journal, ransomware attacks have dropped by 23% globally but they increased by 328% in the healthcare industry. On top of that, malware attacks, which were at a 7-year low in 2021, are now seeing an increase of 45%. IoT malware, specifically, saw an increase of 123%.
The Cybersecurity & Infrastructure Security Agency (CISA) explains why this is happening: “Health information technology provides critical life-saving functions and consists of connected, networked systems that leverages wireless technologies, which in turn leave such systems more vulnerable to cyber-attacks.”
The challenge is that the same technology that offers improved patient care and streamlined employee workflow is creating more cybersecurity risks.
Top Opportunities in Healthcare Cybersecurity
Replace Legacy Systems
To reduce basic web application attacks, it makes sense to replace legacy systems within healthcare organizations.
Maryville University explains how replacing legacy systems can help:
A common characteristic of legacy systems in healthcare is their vulnerability to cyberattacks — providing “back-door entry” for cybercriminals to access systems that hold personal and medical data. In addition to the danger to patients, data theft can interrupt workflows, impacting staff performance. Another factor that increases the vulnerability of legacy systems is the lack of support from third-party vendors. Once a technology is outdated, it becomes increasingly difficult to find the necessary support to address issues or fix problems.
The challenges that many healthcare organizations face include the cost as well as getting employee buy-in. However, some healthcare organizations end up closing their doors after a cyber attack simply because they can no longer afford to stay open. So cybersecurity professionals everywhere are encouraging healthcare organizations of all sizes to invest in cybersecurity as if their patients’ lives depend on it – because they might.
Security Awareness and Skills Training
With so many threats happening to healthcare systems because of internal errors, it’s best to combat that with security awareness and skills training. This works well when replacing legacy systems because training must happen when employees need to use a new system.
In addition to training employees how to use a new system, it’s important to teach them how to spot phishing and other common cyber attacks. Employees should also be taught how to effectively check for errors in their own work.
The American Hospital Association explains how to connect patient safety to the employee’s workflow to get employee buy-in:
[The] most important defense is to instill a patient safety-focused culture of cybersecurity. This enables health care organizations to leverage their existing culture of patient care to impart a complementary culture of cybersecurity. A culture of cybersecurity, where the staff members view themselves as proactive defenders of patients and their data, will have a tremendous impact in mitigating cyber risk to the organization and to patients.
How CyberFort Advisors Can Help
Don’t let cybersecurity issues weigh your healthcare organization down any longer. Delegate your full cybersecurity program to CyberFort Advisors. Our domestic team completely manages your cybersecurity needs 24/7. Learn more about Managed Security Operations Center services today.