Cyberattacks Threaten Healthcare Sector
By Miriam Bello | Fri, 06/18/2021 - 15:36
No sector is safe from a cyberattack. Any company, large or small, has vulnerabilities that make it an attractive target to cybercriminals. Healthcare providers face further risks because the sector requires continuous electricity, interconnected services and ongoing communication. Its stakes are also higher because cyberattacks can put human lives at risk, which is why attacks in this sector can be considered a form of cyberterrorism.
Cyberattacks can compromise patient safety, for instance by “sending ambulances to centers further away and compromising the life of patients. It is a form of terrorism,” said Sebastián Russo, System Engineer Director at Fortinet, during Mexico Cybersecurity Summit 2021.
The stakes make prevention even more important, so cybersecurity has become a need at every stage of the healthcare chain. The most common threats to the healthcare sector are ransomware, representing 54.95 percent of attacks in 2020, followed by fraud scams and compromised emails with 21.16 percent, insider threats with 7.17 percent, data breaches with 3.75 percent and DDoS and other unidentified attacks making up the rest, according to the Center for Internet Security (CIS). Attacks through third-party vendors are also a problem, explains CPO Magazine, as they exposed 12 million patient records in 2020 alone.
With the COVID-19 pandemic, healthcare has become more attractive to cybercriminals. While ransomware was most common, data breaches were especially appealing due to their combination of data and financial benefits for attackers. According to Tenable, the average cost of a breach in the healthcare industry was US$7.13 million, with personally identifiable information (PII) valued at US$150 per record. Data breaches usually happen through third-party providers, which target the user directly. The five areas of healthcare most affected by data breaches are healthcare systems, which saw 30.03 percent of overall breaches, hospitals with 19.11 percent, mental health care/rehabilitation with 6.14 percent, clinics with 5.12 percent and government agencies with 4.10 percent.
Ransomware attacks in the healthcare industry can slow down critical processes or make systems completely inoperable. The three most common ways for ransomware to enter a company are phishing emails, users clicking on a malicious link and advertisements containing malware (malvertising).
Distributed Denial of Service (DDoS) attacks can shut down multiple systems or networks, or make them inaccessible to employees. DDoS attacks on hospitals block access to critical patient information and compromise it. Boston Children’s Hospital suffered a large DDoS attack in 2014 by a member of an activist hacker group. The attacker directed so much hostile traffic at the hospital’s computer network that it was temporarily knocked off the Internet, explained the US Department of Justice.
Fraud scams and compromised emails happen when criminals pretend to be a high-level collaborator in the company requesting a monetary transaction. A US medical center reportedly received a phone call from a pharmacy to confirm a US$500,000 order of prescription drugs, but after an investigation it was determined that the medical center had not placed the order. “In this incident, a malicious actor had compromised the medical center’s credentials and was attempting to take out a large line of credit with the pharmacy to purchase drugs,” explained CIS.
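The fraud-scam pattern described above (a message that claims to come from a senior person but asks for money) can be triaged automatically before it reaches a finance inbox. The following is an added example written for this article, not code from the article, CIS or any vendor named here: it parses a message's headers, flags an executive display name used from a non-corporate sender domain, a Reply-To that diverts answers elsewhere, and urgent payment wording. The executive roster, the corporate domain `hospital.example` and the two sample messages are constructed for illustration.

```python
"""Flag emails that impersonate an executive to request a payment.

Added example for the fraud-scam / compromised-email threat described in
the article. The roster, domain and sample messages are constructed.
"""
from email import message_from_string
from email.utils import parseaddr
from typing import List

CORPORATE_DOMAIN = "hospital.example"        # assumed organisation domain
EXECUTIVES = {"maria lopez", "john carter"}  # assumed executive roster, normalised

PAYMENT_WORDS = ("wire transfer", "line of credit", "purchase order")
URGENCY_WORDS = ("urgent", "immediately", "today")


def normalise(name: str) -> str:
    """Lower-case a display name and collapse punctuation/whitespace."""
    return " ".join(name.replace(",", " ").split()).lower()


def domain_of(addr: str) -> str:
    """Return the lower-cased domain part of an email address ('' if none)."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def check_message(raw: str) -> List[str]:
    """Return findings for one RFC 5322 message; an empty list means nothing suspicious."""
    msg = message_from_string(raw)
    findings: List[str] = []
    from_name, from_addr = parseaddr(msg.get("From", ""))
    from_domain = domain_of(from_addr)

    # 1. Executive display name, but the address is outside the organisation.
    if normalise(from_name) in EXECUTIVES and from_domain != CORPORATE_DOMAIN:
        findings.append(f"display name '{from_name}' used from external domain '{from_domain}'")

    # 2. Replies are steered to a different domain than the visible sender.
    reply_to = msg.get("Reply-To")
    if reply_to:
        _, reply_addr = parseaddr(reply_to)
        reply_domain = domain_of(reply_addr)
        if reply_domain and reply_domain != from_domain:
            findings.append(f"Reply-To domain '{reply_domain}' differs from From domain '{from_domain}'")

    # 3. Payment request combined with pressure to act now.
    text = (msg.get("Subject", "") + " " + msg.get_payload()).lower()
    if any(w in text for w in PAYMENT_WORDS) and any(w in text for w in URGENCY_WORDS):
        findings.append("urgent payment request wording")
    return findings


# Constructed sample: executive name on an outside address, diverted replies, urgent wire.
SAMPLE_SPOOF = """From: Maria Lopez <maria.lopez@webmail-free.example>
Reply-To: accounts@other.example
To: finance@hospital.example
Subject: Urgent wire transfer

Please process the wire transfer today.
"""

# Constructed sample: the same executive writing from the corporate domain.
SAMPLE_LEGIT = """From: Maria Lopez <maria.lopez@hospital.example>
To: finance@hospital.example
Subject: Meeting notes

Attached are the notes from this morning.
"""

if __name__ == "__main__":
    for label, sample in (("spoof", SAMPLE_SPOOF), ("legit", SAMPLE_LEGIT)):
        print(label, check_message(sample))
```

Each rule alone produces false positives (executives do use personal addresses; Reply-To differs legitimately in ticketing systems), so in practice the findings feed a review queue or a second-channel confirmation of the payment rather than an automatic block.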
Another common, and often underestimated, threat is former insiders. “In many cases, cyberattacks come from former, resentful workers who still have access to the digital platforms of the company,” said Alfredo Sastré, President at Csoftmty, during Mexico Cybersecurity Summit 2021.
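The former-insider risk quoted above comes down to accounts that outlive the employment they were issued for. The following added example (written for this article, not code from the article or from Csoftmty) reconciles a constructed HR offboarding list against a constructed directory export and reports accounts that are still enabled, or that logged in, after the owner's termination date. The user names, dates and field names are assumptions.

```python
"""Find directory accounts that should have been disabled at offboarding.

Added example for the former-insider threat described in the article.
The HR records and directory export below are constructed samples.
"""
from datetime import date
from typing import Dict, List

# Constructed sample: HR offboarding records, user -> last day of employment.
HR_TERMINATIONS: Dict[str, date] = {
    "jdoe": date(2021, 3, 31),
    "asmith": date(2021, 5, 15),
}

# Constructed sample: directory export with account state and last sign-in.
DIRECTORY_ACCOUNTS: List[dict] = [
    {"user": "jdoe",   "enabled": True,  "last_login": date(2021, 6, 1)},   # left in March, still active
    {"user": "asmith", "enabled": False, "last_login": date(2021, 5, 14)},  # disabled correctly
    {"user": "bwong",  "enabled": True,  "last_login": date(2021, 6, 10)},  # current employee
]


def find_orphaned_accounts(accounts: List[dict], terminations: Dict[str, date], today: date) -> List[dict]:
    """Return one finding per account belonging to an already-terminated user that is
    still enabled or shows a login after the termination date."""
    findings = []
    for acct in accounts:
        term = terminations.get(acct["user"])
        if term is None or term > today:
            continue  # current employee, or termination still in the future
        reasons = []
        if acct["enabled"]:
            reasons.append(f"account enabled {(today - term).days} days after termination")
        last_login = acct.get("last_login")
        if last_login and last_login > term:
            reasons.append(f"login on {last_login} after termination on {term}")
        if reasons:
            findings.append({"user": acct["user"], "terminated": term, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for finding in find_orphaned_accounts(DIRECTORY_ACCOUNTS, HR_TERMINATIONS, date(2021, 6, 18)):
        print(finding["user"], finding["terminated"], "; ".join(finding["reasons"]))
```

A post-termination login is the stronger signal: an enabled account may simply be an offboarding backlog, but a sign-in after the last day is the situation the quote describes and belongs in incident response, not only in an access review.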