Every day there seems to be another hospital or healthcare facility in the news as a data breach victim. Breaches are common in the healthcare industry and can be the result of different types of incidents such as, an insider who intently or accidentally exposed patient’s sensitive data, malware stealing credentials or a misplaced official laptop or other medical devices. According to Verizon Data Breach Investigations Report and Ponemon Institute, the Healthcare sector faces more data breaches incidents that any other industry. Several reports claim that cyberattacks and ransomware are on the rise and the healthcare sector is one of the biggest and easiest targets. Last year in Israel, some researchers announced they had created a computer virus that can add fake tumors to MRI and CT scans. A malware designed to fool the doctors into misguided treatments of high-profile patients. Despite the rising cybersecurity threat in the healthcare sector, the majority of hospitals and physicians are unprepared to handle such threats, given they pose a major public health problem.
Cybersecurity threats facing the Healthcare Industry in 2020
CyberMDX- a team of top cybersecurity professionals, has released its latest report on the greave threats the healthcare sector is facing today and beyond. The team took it upon themselves to analyze the biggest healthcare breaches in 2019. With the help of this report, CyberMDX expects hospital administrators to have a good sense of where they stand and how they perform in the industry on matters of cyber preparedness and technology investment.
As per Job Rabinowitz, VP of Marketing, CyberMDX, to understand the future of the healthcare sector, we must first dig deep and find out what has led attackers to be successful in their attempts. The amount of data CyberMDX analyzed has given cybersecurity professionals and future victims a greater insight into the challenges the industry faces and how professionals can aid improve cybersecurity and mitigate future attacks and breaches.
Some insights from the report;
- Medical information and healthcare research data could sell for as high as $1000 per record in the black market. Back in 2018, the numbers stood at over 15 million records that were breached and now today the number has grown to more than 40 million.
- As per some reports, over 80% of healthcare delivery organizations and device makers report that medical devices are difficult to protect. One of the top reasons cited for this was the lack of knowledge, pressure on development teams to meet the product deadline and training on secure coding practices.
- In the US, attackers find most success targeting less well-known or mid-sized healthcare organizations outside of the nation’s largest population centers.
- Globally, there are over 450 million connected clinical assets and medical devices installed, while the US is home to over 120 million connected medical devices.
- 71% of the HDOs admit that they lack a comprehensive cybersecurity program within their organization.
- As per the report, Healthcare is the only sector in which the breach is more often caused by insiders than outside actors. 56% of all incidents were accounted for internal misconduct.
- Nearly one in three respondents reported that their organizations never analyze or audit their medical devices for vulnerabilities.
- An average cost of a data breach in the Healthcare industry stands at $6.45 million- 65% higher than the average in cross-industry.
Cybersecurity Threats and Challenges in Healthcare Industry
As the industry continues to provide life-saving services, working to upgrade treatment and patient care with latest technologies, cyber threat actors look to override the vulnerabilities. For the healthcare sector, cyberattacks can have adverse consequences, beyond financial loss and breach of privacy.
The latest cyber threats and vulnerabilities may not deem to be an organization’s biggest cyber threat. As per several data breach investigations report, most attacks are about money and attackers usually prefer to take the easiest route to acquire the information they need. Some of the common threats faced by the healthcare industry include;
- Malware and Ransomware- Attackers use malware that infects systems and files, retaining them until a ransom is paid. Generally, ransomware infects victim’s computer machines in any of the following ways:
- Through phishing emails containing a malicious content
- A malicious link for users to click
- By watching advertisement containing malware, commonly known as malvertising
- Data Breaches- One of the most common threats facing the health care sector. Back in 2019, there were as many as 386 breaches- an increase of 33% in 2018.
- Phishing- This is another common strategy to attack the victim by sending out tens of thousands of emails from disguised reputable sources to obtain sensitive information from users.
To enhance cybersecurity in health care or any other sector, organizations can hire professionals who can not only manage and leverage data but protect it as well at any cost. If your organization is in need of one, ExcelliMatrix is one such company that can mitigate the gap between a secure and healthy network and breaches. Follow us on Facebook, & LinkedIn or Contact us, 406-646-2102 and get your questions answered.