The Covid-19 global pandemic caused one of the most considerable strains on the healthcare industry in recent times. This further altered healthcare as it adapted to the circumstances, for instance, by increasing the industry’s digital advancement. In addition, the pandemic further impacted how patients viewed and became involved with hospitals.
Furthermore, healthcare delivery organisations (HDOs) became one of the most pressured systems, in addition to becoming a target of cybercrime, which included planned attacks to extort money from an already disrupted system.
In July 2021, INTERPOL Secretary General Jürgen Stock had called for police agencies worldwide to form a global coalition with industry partners to prevent a potential ransomware pandemic. According to Stock, ransomware criminals were continuously adapting their tactics, operating free of borders and with near impunity, despite the severity of their crimes.
New Zealand-based software company Emsisoft’s research noted that at least 68 healthcare providers were impacted by ransomware attacks in 2021, including multiple hospitals and multi-hospital health systems, with the impacted organisations operating a total of 1203 sites between them.
Cybersecurity firm Sophos’ latest report reveals that in 2021, 66% of healthcare organisations were hit with ransomware attacks compared to the 34% that were impacted in 2020. Meanwhile, California-based non-profit healthcare system Scripps Health says that these incidents put the cost of the attacks at $112.7mn.
Examining further, cyberattacks on healthcare facilities happen due to a few key reasons, many of which can be mitigated.
Legacy systems still play a part
Most healthcare systems still apply legacy systems in their operating systems. Replacing these with new technology can improve most services in the healthcare sector such as administration, IT, and patient data. However, ensuring that organisations can shift to new technologies without impacting service flow is extremely important. At the same time, they also have to plan a course of strategy with input from multiple stakeholders.
Lack of care from a digital perspective
Another issue experienced in the sector is default passwords. Software firm Forescout Technologies has identified that healthcare equipment, especially patient monitors and CT scanners, is most used by hospitals with default credentials, along with other IT and IoT equipment. In these scenarios, the healthcare devices act as the weak link in the network, according to Forescout.
Breaching trust from the inside
Thirdly, hospitals account for insider misuses such as patient data theft for financial benefit or malicious intent. The reasons for this are many, including curiosity to access confidential data, and in some cases, the more severe reason of accessing information for malicious purposes. Sometimes protocols are overridden to make jobs easier.
Cybercrimes against critical supply chain
Technology company IBM’s report from 2022 found that vulnerability exploitation was the top initial attack vector in manufacturing, an industry grappling with the effects of supply chain pressures and delays.
The report noted that threat actors understand the critical role manufacturing and energy play in global supply chains and are seeking to disrupt these organisations because of the ripple effect it can have across multiple industries and the pressure these multiplying effects create for victims to pay a ransom.
Hackers tracking valuable data
Cyber threats to healthcare providers can also occur in the form of data breaches, where outside hackers can penetrate a hospital’s IT security to find information regarding patient information, demographics, mental health issues, or even insurance data. Hackers can later sell these to third-party organisations for monetary gain.
Companies investing in technology must equally be cautious of how these technologies can be misused. For instance, IBM noted that given the specialisation and global distribution of organisations targeted during a phishing campaign, the adversary is intimately aware of critical components and participants of the cold chain.
This could have been highly fatal, especially during a time when vaccine supply chain promptness was extremely critical. For example, a trucking and logistics company suffered a ransomware attack in December 2021, leading to operational disruptions that initially “brought down almost everything”.
According to Supply Chain & Logistics Business Intelligence firm Eye for Transport, most of the industry’s leaders aren’t equipped to address cybersecurity threats, nor do they have a strategy in place. Organisations must create a plan to defeat cybersecurity threats and have a strong defence against these viral attacks by developing and implementing internal security software for the future.
