Enormous amounts of patient information and financial data make the healthcare industry a prime target for cybersecurity threats. Hackers and other malicious organizations seek out everything from individual medical records, billing details, and log-in credentials to clinical trial and research information through systems, servers, or apps.
Today, patient portals, internet of things (IoT) devices, electronic health records, and other connected systems are in greater use than ever. They provide lucrative, often easy-to-access new channels through which to launch threats. Healthcare providers are the main victims.
Who is targeted and how much does it cost?
The 2019 Breach Barometer noted that healthcare providers accounted for 70% of all entities reporting cyberattacks. Health plans followed at 12% and other healthcare-related entities were next at 8%.
But it doesn’t stop there. Even business associates of HIPAA-covered groups were targeted, potentially as a means of back-door access to healthcare organizations’ data.
Exacerbating the problem is the cost of cleaning up after a cyberattack. Healthcare data breaches cost an average of $408 per record to resolve. This is nearly double the cost in the financial services sector, which came in second at $206 per record. The lowest costs were in the public sector, which totaled just $75 per record.
The Top Healthcare Cybersecurity Threats in 2019
Below are the top cybersecurity trends to be aware of in 2019.
Cybersecurity Threats in the Healthcare Sector Will Continue to Grow
From 2017 to 2018, there was only a small annual increase in the number of healthcare data breaches. This is according to combined information from databreaches.net, the U.S. Department of Health and Human Services (HHS), and state attorneys general.
This is good news, right? The answer is “wrong.” The number of healthcare records exposed in those data breaches tripled year over year, going from more than 5.6 million in 2017 to nearly 15.1 million last year.
Increasing steadily over the past three years, hacking accounted for more than 44% of all tracked healthcare data breaches in 2018. There’s no doubt that this momentum will continue to grow as hackers become more sophisticated and attempt to stay several steps ahead of health IT professionals.
Ransomware Attacks Become More Aggressive
More than 28 years after the first ransomware attack, the healthcare sector continues to be a top target for this malicious software. In 2018, healthcare accounted for more than one-third of all ransomware attacks, followed by financial institutions and professional services firms, at 12% each.
Many of the targeted victims are large hospitals and healthcare organizations. However, the majority are small and medium-sized enterprises (SMEs). These victims are particularly vulnerable since they’re often ill-prepared for such an attack. In fact, 71% of ransomware attacks last year victimized these types of enterprises in healthcare.
Threats take the form of email attachments, messages, pop-ups, and other malicious software that can give access to files or systems, block users’ access, and hold organizations hostage until they pay a ransom — sometimes in the millions of dollars — for a decryption key. The success of these attacks and the financial opportunity associated with them will result in ransomware becoming more frequent and aggressive.
Increasing IoT Vulnerabilities
As healthcare providers continue to leverage IoT to monitor individuals’ health and provide needed care, the number of IoT-based attacks, particularly on hospitals, is expected to rise. Published reports predict that IoT attacks will account for 30% of cybersecurity incidents in 2019. They are expected to increase 500% in just two years, from 50,000 in 2017 to an estimated 300,000 this year.
The vulnerabilities come as greater numbers of unprotected IoT devices connect to healthcare providers’ IT networks. Until the industry focuses on securing IoT communications, cyberattacks driven by IoT botnets are expected to be more pronounced and larger in scale.
Proactive Measures for Minimizing Healthcare Cyberthreats
While the predictions for growing cybersecurity threats should continue to raise alarms within the healthcare sector, there are some clear, proactive steps that organizations should take now to defend against potential attacks.
- Conduct a risk assessment: Evaluate the likelihood and potential risks to protected data and IT infrastructure. Then, implement the appropriate security measures and maintain these protections.
- Secure your physical environment: Install physical locks to limit access. Employ privacy shields to protect the information. And use closed-circuit TV to monitor building access.
- Manage administrative risk: Employ an individual to take responsibility for security. Educate employees about all security policies and procedures, including proper password etiquette and data backups. In addition, develop a disaster plan in case ransomware or hackers bring down your system.
- Employ technical safeguards: HIPAA requires numerous technical safeguards. These include encryption of Windows workstations and mobile devices to prevent data loss or exposure from lost, stolen, or improperly decommissioned equipment. Other safeguards include controlling network access and using multifactor authentication for cloud-based systems, or biometrics such as fingerprint sensors for mobile devices and workstations.
The Bottom Line
Healthcare organizations must raise awareness about the severity and growing threat of cyberattacks. They must also take steps to secure the enterprise and access to data.
By doing so, they can more effectively mitigate their risks and reduce their financial and regulatory exposure to threats. It will also protect data and systems that are crucial to their day-to-day operations and patient health.
Larry Whiteside is the chief information security officer (CISO) at Greenway Health, a leading health information technology and services provider. A cybersecurity veteran and industry thought leader with more than 25 years of experience, Whiteside served as CISO and chief security officer for large organizations across multiple verticals, including healthcare, financial services, and critical infrastructure. Today, he is responsible for all aspects of Greenway Health’s physical, system, and information security. His position directly impacts confidentiality, integrity, and availability of all customer-facing systems and patient information hosted by Greenway Health.