What you need to know about cybersecurity in the healthcare industry

May 2021 – UF Health Centre Florida made the executive decision to implement backup procedures due to a cyberattack on their IT system. Recently, UF Health Leesburg Hospitals and UF Health The Villages Hospital noticed some unusual activity on their network. In a bid to protect personnel and patient information, they suspended access to their email network and most of their other system platforms and switched to paper documentation procedures across their hospitals and physician clinics. Additionally, they suspended all computer connections with UF Health Central Florida and other UF Health’s campuses in Gainesville and Jacksonville, as well as with the University of Florida. The cause of the attack is still being determined. However, the hospital believes that none of the patient or personnel records have been affected or shared. 

The healthcare industry is essential, yet highly vulnerable to cyberattacks. So let’s delve into the current threats it faces and what can be done to improve cybersecurity in this field.

Current trends in the healthcare sector

Technology has proven to be a boon to the healthcare industry. High-tech cameras, robotics, EHR systems, and online portals are just some of the ways that technology has been adapted to make healthcare more efficient and accurate.

However, as the industry becomes more technologically advanced, the frequency and sophistication of cyberattacks grow in parallel.  Cybercriminals see healthcare organizations as a huge bounty for their malicious agenda and it has gotten worse since the start of the pandemic. And, in spite of the increased attacks, the sector is unprepared for them. Research shows that “88% of US-based MedTech leaders do not believe their organization is prepared for a cyberattack.” Additionally, a 2020 IBM report revealed that healthcare institutions sustain the highest average cost of a breach: $7.13 million per incident.

Cyber vulnerabilities of the healthcare sector

Healthcare is a lucrative target for cybercriminals.

·  Hospitals and clinics house large amounts of patient data and credentials – a valued commodity on the dark web. As such, cyberattackers often use this as leverage to threaten healthcare institutions financially – as seen in ransomware.

·  Most modern healthcare devices are made to execute their intended actions without the priority of cybersecurity in mind. While these may not directly cause a cyberattack, they can be used as entry points to bring down an entire system.

·  Remote collaboration tools and new equipment are not always added to the IT infrastructure securely.

·  Even today, legacy devices are often used without updating or upgrading them – often due to budgetary reasons. This makes them highly susceptible to breaches.

Common cyberattacks launched against the healthcare sector

In a ransomware attack, malicious actors hack servers, encrypt and steal data, and hold it hostage for ransom. Research shows that ransomware attacks on U.S. healthcare ended up costing $20.8 billion in 2020 alone.

Malware is malicious software that can be sent via email or a link. Once someone clicks on the malicious link, the software gains access to the device and eventually the servers where the attackers can steal, destroy, or sell the data.

Phishing is a social engineering practice where victims are contacted via email or a text message by threat actors pretending to be a legitimate professional or an organization to trick them into sending sensitive data, money, or installing malware. Spear phishing is very similar, the only difference being that it is targeted to a specific individual or institution. It is a more elaborate con that employs a high degree of personalization. This attack can unfold over some time, with the goal of gaining trust and ultimately accessing all the coveted information.  

In a DDoS (Distributed Denial of Service) attack, the intent is to disrupt a server or network’s normal flow of traffic by using spoofed IP addresses to send large packets of data. This high traffic volume overwhelms the target, eventually crashing it. This attack can block healthcare workers from accessing their networks and important equipment required for patient care and medical procedures. There has been a whopping 372% increase in bad bot traffic on healthcare websites as COVID-19 vaccines started to roll out globally.

Lastly, physical threats like unattended, lost, or stolen devices can also be used by cybercriminals to launch an attack. In some cases, healthcare staff or third-party associates can abuse their power and sell sensitive data to attackers for their own profit.

What can be done to improve cybersecurity?  

In order to ensure maximum protection from cyberattacks, it is vital that healthcare organizations engage in efficient cybersecurity practices.

1. Conduct risk assessments annually to identify vulnerabilities.  Based on this, create an efficient cybersecurity strategy that includes solutions that are both fitted to your organization’s needs and meet all the compliance regulations – HIPPA being one of them.

2. Implement several security controls like antivirus, antimalware, firewalls, different types of encryptions, and multi-factor authentication as a precautionary step for security incidents.

3. Update all your software and programs to eliminate any vulnerabilities that cyberattackers could use to their advantage. Additionally, invest in endpoint detection programs (EDR) and mobile device management (MDM) to reduce the security risks that come with smart devices. 

4. Store critical information on secure platforms with limited access granted only on a need-to-know basis. Make sure you have an automated access management system in place and constantly monitor user activity for irregular behavior.

5. Educate your employees on efficient cybersecurity practices – especially when it comes to remote working. Regular training and testing should also be conducted to ensure that they are aware of the cyber safety protocols to be followed.

6. Since healthcare institutions are a major target for cybercriminals, invest in a strong cyber insurance policy to ensure that your organization does not crumble in the unfortunate event of a cyberattack.