Why Healthcare IT Leaders Shouldn’t Ignore Repeated Warnings About Cyberattacks

essidsolutions

Healthcare organizations have become a lucrative target for cybercriminals over the past year. Over the last two months alone, cyberattacks against healthcare organizations worldwide surged by 45%. Coalition’s Jeremy Turner, Head of Threat Intelligence, argues that the only way IT leaders can keep attackers out of their networks is by proactively shrinking their areas of vulnerability as the pandemic rages on.

The global pandemic has sparked heightened cybercriminal activity across nearly every industry, and most recently, healthcare organizations have been in the spotlight. Hospitals across the U.S. have been suffering a wave of ransomware attacks since the onset of the pandemic, so much so that the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory earlier this fall warning the healthcare sector about the threat.

Yes, hospitals and healthcare entities are easy and desirable ransomware targets: they hold valuable PHI and typically have larger and older IT infrastructures. 

However, the main reason threat actors have targeted healthcare entities during the COVID-19 crisis is that the rapid shift to remote operating procedures has made them more vulnerable than ever. Adversaries have also discovered that hospitals, already under strain from the pandemic, are more likely than other organizations to pay, to pay more, and to pay faster, which makes them an even more lucrative target.

Despite the looming threats, the COVID-19 crisis has not put healthcare organizations in the best place to quickly overhaul their IT infrastructure. However, it’s possible for hospitals and IT leaders on the front line of healthcare to reduce their cyber risk in a way that doesn’t drain resources. 

Here, I’ll dig into why healthcare organizations have become such a lucrative target for cybercriminals over the past year (and historically) and how IT decision-makers can begin to proactively decrease areas of vulnerability as the pandemic continues into 2021. 


Healthcare: An Easy Target From the Start

Cyber vulnerability in healthcare is not a breaking, new issue. First and foremost, healthcare is an industry where a threat is as likely to originate inside the organization as outside it, as data from Verizon’s 2020 Data Breach Investigations Report suggests. This is because the risk of employee mishaps is massive: there is a constant flow of patient data through unregulated channels, which leaves organizations highly exposed to bad actors.

In fact, the claims data we collected on the topic in the first half of 2020 found that 73% of claims filed by healthcare organizations resulted from email and phishing scams rather than brute force or web application compromise, and that 47% of all cyber events cited in the healthcare realm were ransomware.

A single employee who falls for an email phishing scam could expose a patient’s entire medical history to a threat actor. This risk is only growing as care shifts toward virtual platforms instead of in-person hospital visits.

In addition to these headline-grabbing breaches involving PII, there is a long list of related fraud uses for healthcare data, such as billing fraud and even the resale of medical records (chest x-rays, for example) used to prove medical status in visa applications.

All in all, the healthcare industry has had a long history of being extremely vulnerable to cyberattacks, and the outbreak has only exacerbated this risk.  


The Good News for Healthcare Organizations

However, there are a few silver linings.

First, most threat actors behind ransomware attacks are motivated by monetary gain, and our recent claims data bears this out.

Hospitals have been targeted less frequently than other industries, despite having more legacy infrastructure and greater internet exposure. Comparing similar sample sizes of 700-800 domains with similar revenues (exceeding $100 million annually), our data found that 79 auto dealerships were compromised by threat actors involved in ransomware-related activity, as opposed to 56 hospitals.

Additionally, according to our data on overall claims in the first half of 2020, the healthcare organizations we cover experienced a lower claims frequency than the average customer (1.3% vs. 1.6%).

So this is a good sign for hospitals and other healthcare organizations right now: while the pandemic has put them in the cyber spotlight as a vulnerable target, ransomware criminals may quickly realize that these new targets don’t have the financial backing to give them what they ultimately want.

Security Implementations To Combat Healthcare Risk

There are ways to lessen the probability of a successful attack from the inside, which is where many healthcare organizations fall flat.

Multi-factor authentication (MFA) can help protect internal applications where sensitive patient data is stored and limits the damage an email phishing attack can do: a phished password alone no longer opens the door. Note that SMS and one-time-code MFA can still be relayed by a phishing site in real time, so phishing-resistant methods (hardware security keys or platform authenticators) are the stronger choice wherever they are feasible.

Regular backups and backup testing are critical processes in preventing devastating ransomware losses. Equally important is to make sure those backups are stored offline or separate from the primary network, so that a criminal hacker cannot delete or encrypt them before detonating the ransomware and demanding payment. A backup that has never been restored is an untested assumption: schedule restore tests and verify that the restored data matches what was backed up.
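As an added example (not from the article, and not Coalition’s own tooling), here is a Python script that performs the backup test the paragraph above calls for: it archives a directory, records a SHA-256 hash of the archive and of every file in a manifest, restores the archive into a scratch directory, and checks that every file round-trips byte for byte. The directory names, file names and sample records are constructed for the demo and contain no real PHI; the "offline_store" directory stands in for the separate store, which on a real system must be a location the primary network cannot write to once the backup is sealed.

```python
"""Added example: back up a directory, seal it with SHA-256 hashes, then prove
it is restorable by extracting into a scratch directory and comparing every
file. All paths and sample data below are constructed for the demo."""
import hashlib
import json
import tarfile
import tempfile
from pathlib import Path

CHUNK = 1 << 16


def sha256_file(path):
    """Stream a file through SHA-256 so large archives need not fit in RAM."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):
            h.update(chunk)
    return h.hexdigest()


def build_file_hashes(root):
    """Map each file's path (relative to root, POSIX separators) to its SHA-256."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def create_backup(src, dest_dir):
    """Write <dest_dir>/backup.tar.gz plus a manifest holding the per-file hashes
    and the archive hash. dest_dir models the offline/separate store; keep a second
    copy of the manifest elsewhere so an attacker who reaches the store cannot
    rewrite both the archive and the hashes that vouch for it."""
    src, dest_dir = Path(src), Path(dest_dir)
    dest_dir.mkdir(parents=True, exist_ok=True)
    archive = dest_dir / "backup.tar.gz"
    with tarfile.open(archive, "w:gz") as tar:
        tar.add(str(src), arcname=src.name)
    manifest = {"root": src.name,
                "files": build_file_hashes(src),
                "archive_sha256": sha256_file(archive)}
    (dest_dir / "backup.manifest.json").write_text(
        json.dumps(manifest, indent=2, sort_keys=True))
    return archive, manifest


def verify_restore(archive, manifest_path, restore_dir):
    """Restore test: check archive integrity, extract to scratch, compare every file.
    Returns (ok, message)."""
    manifest = json.loads(Path(manifest_path).read_text())
    if sha256_file(archive) != manifest["archive_sha256"]:
        return False, "archive hash mismatch: backup corrupted or tampered"
    restore_dir = Path(restore_dir)
    restore_dir.mkdir(parents=True, exist_ok=True)
    with tarfile.open(archive, "r:gz") as tar:
        try:
            # 'data' filter (Python 3.12+, backported to 3.8.17/3.9.17/3.10.12/3.11.4)
            # refuses absolute paths, '..' traversal and special files in the archive
            tar.extractall(restore_dir, filter="data")
        except TypeError:
            tar.extractall(restore_dir)  # older interpreter without the filter argument
    restored = build_file_hashes(restore_dir / manifest["root"])
    expected = manifest["files"]
    missing = sorted(f for f in expected if f not in restored)
    changed = sorted(f for f in expected if f in restored and restored[f] != expected[f])
    if missing or changed:
        return False, f"restore incomplete: missing={missing} changed={changed}"
    return True, f"restore verified: {len(restored)} files match"


def run_demo():
    """Constructed end-to-end run: a clean backup verifies, a bit-flipped copy does not."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        src = tmp / "ehr_exports"  # constructed sample data, no real PHI
        (src / "patients").mkdir(parents=True)
        (src / "patients" / "p001.json").write_text('{"id": "p001", "note": "synthetic"}\n')
        (src / "schedule.csv").write_text("date,clinic\n2020-11-02,cardiology\n")
        store = tmp / "offline_store"
        archive, manifest = create_backup(src, store)
        manifest_path = store / "backup.manifest.json"
        clean_ok, clean_msg = verify_restore(archive, manifest_path, tmp / "restore_test_1")
        # Simulate corruption or tampering of the stored archive: flip one byte.
        data = bytearray(archive.read_bytes())
        data[len(data) // 2] ^= 0xFF
        archive.write_bytes(bytes(data))
        bad_ok, bad_msg = verify_restore(archive, manifest_path, tmp / "restore_test_2")
        return {"files": len(manifest["files"]),
                "clean": clean_ok, "clean_msg": clean_msg,
                "tampered": bad_ok, "tampered_msg": bad_msg}


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

The script checks the archive hash before extracting, so a corrupted or tampered archive is rejected without ever being unpacked; the per-file comparison after extraction catches the quieter failure where the archive is intact but a file was never backed up or was written incompletely. Run it on a schedule against the real backup store and alert on any result other than "restore verified".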

And finally, especially when dealing with insurers and third parties, healthcare organizations should absolutely implement wire transfer verification. No one should assume that email is a secure way to send payment instructions. Before submitting any transfer, and especially when an email requests a change of bank details, employees need to call the intended recipient using a phone number from a source other than the email itself to confirm that the wire instructions are legitimate.
