The healthcare sector, holding vast amounts of sensitive information, is facing an alarming surge in cyber attacks, posing a significant threat to patient safety. Research by Omdia reveals that, between January and September of the previous year, the healthcare industry suffered the most cyber attacks globally (241), surpassing government (147) and information technology sectors (91). Hacking, supply chain attacks, phishing, and ransomware are the predominant methods employed by cybercriminals, making the healthcare sector an enticing target due to the potential to jeopardize lives.
Real-world Impacts: Disruptions and Financial Losses
The National Health Service (NHS) in the UK has encountered significant ransomware attacks, such as the infamous “WannaCry” attack in 2017, costing an estimated £92 million and leading to the cancellation of 19,000 patient appointments. Cyber attacks have also disrupted non-emergency services, mental health management systems, and emergency prescriptions. Globally, hospitals in Germany and the US have faced system shutdowns, necessitating rescheduled procedures and patient redirection.
In Finland, a disturbing incident involved the hacking and leakage of confidential records of psychotherapy patients, leading to online blackmail attempts to keep the data private. The severity of these incidents underscores the urgent need for heightened cybersecurity measures in the healthcare sector.
Escalating Threat Landscape
James Lewis, a cybersecurity expert at the Center for Strategic and International Studies, emphasizes that the healthcare sector’s attractiveness to cybercriminals lies in its potential to put lives at risk. As technology evolves, cybercrime becomes more accessible, with tools and services readily available on the dark web, requiring less sophisticated technical skills.
Cybercriminals are adapting and evolving their tactics. Instead of encrypting data with ransomware, some criminals now steal highly sensitive medical data, threatening to publish it on the dark web unless a ransom is paid using cryptocurrency. This shift in strategy complicates the cybersecurity landscape for healthcare organizations.
Challenges with Legacy Systems
Many healthcare organizations struggle with outdated legacy systems, comprising 30 to 50% of all IT services in some cases. These systems, designed over 20 years ago and not upgraded for more than a decade, become vulnerable targets as cybersecurity threats evolve. Annual cybersecurity audits and adopting a “zero trust” approach can mitigate risks associated with both old and new healthcare IT systems.
Mitigating Cybersecurity Risks
To enhance cybersecurity, industry experts recommend a combination of measures:
- Network Segmentation: Isolating critical systems through network segmentation to minimize the impact of potential breaches.
- Antivirus Software: Implementing widely-used antivirus software to protect against malware, ransomware, and other security threats.
- Intrusion Detection Software: Deploying intrusion detection software to identify potential suspicious activities within hospital computer networks.
- Extended Detection and Response (XDR): Utilizing XDR software to provide an overview of multiple security threats, collecting data from various sources and using AI to monitor threats in real time.
- Specialized Security for Medical Devices: As the number of internet-connected medical devices rises, implementing specialized security software to protect devices like heart monitors, life support machines, and infusion pumps.
Collaborative Efforts and Regulatory Actions
Governments are recognizing the urgency of the situation. Both the US and UK have announced strategies to strengthen cybersecurity in healthcare. These strategies include identifying critical areas susceptible to cyber attacks, embedding security into emerging technology, and establishing minimum standards for hospital cybersecurity. Collaboration between the healthcare sector and technology providers, coupled with international cybersecurity standards and stricter legal actions against cybercriminals, is crucial to mitigating threats.
Despite ongoing efforts, the healthcare sector is likely to remain a prime target for cybercriminals. The evolving nature of cyber threats and the continuous development of cybersecurity tools create an ongoing challenge, akin to a cat-and-mouse game. As the sector strives to adapt, the collaboration between healthcare organizations, technology providers, and governments becomes increasingly paramount in safeguarding patient data and ensuring the resilience of healthcare systems against cyber threats.