Cold-hearted cybercriminals see opportunities in other people’s suffering. For years, they have targeted healthcare organizations for attack, without regard for how it could impact patients and medical personnel. Or more correctly, in the twisted logic of the criminal mind, the negative impact is seen as a plus, since it puts pressure on organizations to pay up.
Of course, over the course of the COVID-19 pandemic, healthcare systems worldwide faced challenges on a scale that hasn’t been seen in over a century. COVID-19 patients filled hospitals and ICUs to overflowing, and healthcare providers had to adapt their procedures to keep staff and patients safe.
While the stress healthcare systems and employees have been under, and the super-critical need to keep operations running smoothly led upstanding citizens to line up to help, hackers viewed the situation with dollar signs in their eyes, ramping up attacks on organizations that were already near the breaking point. According to Check Point Software, cyberattacks on healthcare organizations increased a dramatic 45% since November 2020 – more than double the 22% rise that has affected other industries. Unfortunately, even more of the same is expected in 2021.
Why is Healthcare a Special Target?
There are two main reasons hackers target healthcare: 1) high value and 2) vulnerable systems.
The personal, medical, and financial information healthcare providers have on their patients is typically worth $250 per record on the black market: 46 times the value of a payment card record, the second most valuable record. This ‘resale value” is a powerful incentive.
Healthcare organizations are also especially vulnerable to ransomware. According to the Check Point report, “Ransomware attacks against hospitals and related organizations are particularly damaging, because any disruption to their systems could affect their ability to deliver care and endanger life – all this aggravated with the pressures these systems are facing trying to cope with the global increase in COVID-19 cases.”
Cybercriminals know that for hospitals, keeping IT systems running is a matter of life and death. The criminals assume – often correctly – that hospitals will be willing to pay ransom rather than face even a single day of downtime from an attack that might impact life-saving equipment and systems.
The healthcare industry has several unique characteristics that make it more vulnerable to attack than other industries. Since FDA approval is required for many different types of medical software, healthcare providers tend to stick with legacy systems that may include vulnerable protocols and unprotected devices. A survey of 75 global healthcare organizations with 15 million devices found that over 70% of the devices ran on operating systems approaching end of life, and 85% of the Windows devices were running SMB, which is known to be subject to vulnerabilities.
Protecting Healthcare from Cyberattack
What’s needed to protect healthcare from cyberattack is a different approach to cybersecurity – especially when it comes to the web, since websites and phishing are essential for most ransomware delivery chains. Detection-based approaches – conventional anti-virus / anti-malware software that depends on identifying malware, and secure web gateways which depend on URL categorization – can’t keep up with zero-day threats, or with phishing sites that spring up by the thousands every day, and disappear just as quickly.
Likewise, healthcare practitioners and staff require solutions that enable them to do what’s required to take care of their patients, without resorting to risky workarounds to cumbersome restrictions associated with legacy systems.
What’s needed is a “Zero Trust” approach to cybersecurity that assumes that no person or system should be trusted unless trust can be verified – yet empowers users to access and leverage the resources they need. Zero Trust is not a product you can buy. It’s a philosophy, an approach to network security. To learn more about how healthcare organization can apply a Zero Trust approach to preventing credential theft, ransomware attacks, and data loss, as well as locking down vulnerabilities associated with legacy platforms, download our white paper, “Addressing the Healthcare Cybersecurity Crisis.”