Connect with us

Hi, what are you looking for?

HEADLINES

Meeting the healthcare sector’s unique cybersecurity challenges

In 2020, more large healthcare data breaches were reported than in any other year, according to a recent report by IntSights, a Rapid7 company.

By Paul Prudhomme
Head of Threat Intelligence Advisory, IntSights, a Rapid7 company

In August 2021, as many citizens in Manila looked to get vaccinated against Covid-19, the city’s vaccination website was attacked by hackers 133 times.

The city’s mayor later told news outlets that “troll farms” were possibly behind the hit on the vaccination registration site, seeking to deny real users from using it.

The attacks were not the only cyber threats facing the Philippines’ healthcare sector during the pandemic, as it tried to help citizens navigate the crisis.

Advertisement. Scroll to continue reading.

Earlier, in November 2020, a software tool that healthcare workers in the Philippines used to share data about Covid-19 cases was found to contain multiple flaws that could potentially expose patient data.

Researchers at a laboratory at the University of Toronto discovered vulnerabilities in the Covid-Kaya platform’s Web and Android apps that allowed unauthorized users to access private data about the platform’s users, according to cybersecurity news website Threatpost.

These incidents are reminders of the need to manage cybersecurity risks as healthcare providers digitalize rapidly to improve patient care and meet the urgent demands of a pandemic.

The Philippines is certainly not alone here. In the Italian city of Lazio, cyber attackers managed to disable the Covid-19 vaccination booking system last year, preventing citizens from getting their vaccination appointments for days.

Hackers likely believed this would pressure the Italian authorities to pay up the ransom to unlock the systems they had disrupted through a cyberattack.

Advertisement. Scroll to continue reading.

Unsurprisingly, during the pandemic, cyber attackers have sought to exploit the confusion and fear of citizens and government agencies, hoping to cash in as victims often became desperate in life-and-death situations.

In 2020, more large healthcare data breaches were reported than in any other year, according to a recent report by IntSights, a Rapid7 company.

In addition, 2021 saw five consecutive months (March through July) in which industry data breaches have been reported at a rate of two or more per day.

While cybersecurity is a threat to all organizations, healthcare providers face some unique challenges, particularly during the pandemic.

For starters, the personal details in protected health information (PHI) are useful for criminal groups that wish to commit identity and insurance fraud.

Advertisement. Scroll to continue reading.

Once data such as social security numbers of medical records are leaked on underground criminal forums on the Dark Web, they can be reused and exploited repeatedly.

While it is true that the healthcare sector is highly regulated in terms of security and data protection, this can sometimes work against organizations in the sector.

For instance, cyber attackers may count on victims in the healthcare sector to pay up a ransom because they would otherwise incur a hefty fine from government regulators for losing patient data.

This could give them additional leverage compared to, say, a victim in another sector that does not have the same stringent regulatory oversight.

Another unique feature of the healthcare sector is the medical devices that are connected to a network all the time.

Advertisement. Scroll to continue reading.

IntSight’s study in the United States found that some healthcare providers had not been updating their devices with the latest firmware because they were worried this might void the approval already received from the Food and Drug Administration.

Although the authorities only ask that significant modifications be sent for approval, some providers become “over compliant” and end up not updating the software on their devices.

As a result, these devices could be left in a vulnerable state for years – many of them run for a decade or more – and act as a perpetually open door for cyber attackers to enter.

There is yet another worrying thing for the healthcare sector. Despite the value of highly personalized data that can be stolen here, the price of unauthorized access to a healthcare organization is relatively low among criminals.

The lowest price in a data sample that IntSights obtained, from monitoring underground criminal networks, was just US$240, for access to a Colombian healthcare organization.

Advertisement. Scroll to continue reading.

This could be because of a perception that it is relatively easy to steal data from a healthcare organization or simply that there is an oversupply of such information.

These findings from IntSight’s global study offer valuable lessons for Southeast Asian healthcare organizations, particularly on how to reduce their risk and improve their security posture.

Here are four important steps:

  1. Establish priorities: Find and address the most critical vulnerabilities first, then identify which assets are most likely to be targeted
  2. Integrate cyber threat intelligence: Discover threats before they arrive at your doorstep, then tailor defenses against them.
  3. Build robust ransomware defense: Use offline backups and strong encryption; avoid the temptation to pay off a ransomware gang.
  4. Balance usability and cybersecurity: Use multi-factor authentication on a mobile app and limit remote access to a bare minimum, for example, to reduce risk.

Increasingly, cyber criminals are seeking more effective ways to pressure their victims to cough up ransoms. Besides stealing and locking up precious data, they also extort victims by threatening to expose sensitive data.

For healthcare organizations, the key to overcoming such new cybersecurity challenges is first understanding the unique risks that the sector faces and trying to keep a step ahead. Constant vigilance has to be the norm.

Advertisement. Scroll to continue reading.
Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

While businesses in different industries are continuously upgrading their platforms, fraudsters also search for ways on how they can adapt to the ever-changing landscape...

HEADLINES

It seems that moving forward, Google will rely solely on developers and their responsible actions in relation to the Data Safety section. 

HEADLINES

Latest data showed a total of 567 reported theft incidents in Globe sites in the first half of 2022, including 306 incidents of copper...

HEADLINES

In Southeast Asia (SEA), the project has helped nearly 30,000 ransomware victims from July last year to June end of 2022.

HEADLINES

When users refuse to pay for a subscription to a streaming service and choose to watch a movie or show on an illegitimate page,...

HEADLINES

Amazon will use information discovered in this legal action to identify bad actors and remove fake reviews commissioned by these fraudsters that haven’t already been...

SOFTWARE

Apple is previewing a groundbreaking security capability that offers specialized additional protection to users who may be at risk of highly targeted cyberattacks from...

HEADLINES

Findings show cybercrime is being supercharged through “plug and play” malware kits that make it easier than ever to launch attacks. Cyber syndicates are...

Advertisement