Why healthcare: the value of health data
The value of health data for cybercriminals is substantial and so is the critical services the health sector provides. This sector houses a plethora of sensitive information including personal health records, medical histories, insurance and payment details, and even intellectual property related to pharmaceutical research. Such data fetches a high price on the black market, making healthcare organizations prime targets for cyber attacks. An average data breach in the healthcare sector costs approximately USD 10.93 million, which is the highest data breach average cost across all industries.
Health data is not just valuable for financial gain; it can also be exploited for extortion, identity theft, insurance fraud, and even targeted attacks against individuals or organizations. The potential consequences of a successful breach extend beyond financial losses to include compromised patient care, damaged reputation, fines and legal ramifications. Even lives are at stake which increases pressure on compromised organizations.
Recent healthcare cybersecurity incidents
As reported back in 2022 attacks are still heavily targeting the health sector. In the first quarter of 2024 there have been multiple reports on incidents in the health care sector:
US: Ransomware attack on Change Healthcare: USD 872 million in damages
A ransomware attack on Change Healthcare, the largest health care payment processor in the United States has severely impacted Change Healthcare's operations, forcing the company to take most of its systems offline to prevent further spread of the attack. As a result of the outage, small and midsize health care providers have been severely affected, with doctors unable to electronically fill prescriptions and insurance providers unable to reimburse providers. Change Healthcare processes a significant volume of health care transactions annually and is involved in managing a large portion of American patient records.
EU: Disrupted service at one of the major hospitals in Stockholm
An attack on Sophiahemmet, one of the major hospitals in the Swedish capital, disrupted telephones at the hospital lead to a shutdown of all computers as a security precaution. While the hospital continues to operate using backup procedures, administrative tasks are being handled manually, potentially causing longer waiting times for patients. German hospitals are also heavily targeted with 21 attacks in 2023 on large hospitals with over 30'000 patients.
Why healthcare is vulnerable to cyber attacks
Outdated systems and lack of regular updates
Many healthcare organizations rely on outdated systems and medical devices that are not updated regularly, if at all. Legacy systems often lack robust security features and are more susceptible to exploitation by cybercriminals. These are some of the many reasons why ensuring cyber security in the healthcare sector is so challenging. Outdated systems serve as easy entry points for attackers seeking to infiltrate healthcare networks and access sensitive patient data.
High-pressure environment and increased vulnerability to phishing attempts
The healthcare industry operates in a high-pressure environment where the focus is primarily on providing timely and effective patient care. This pressure can lead to employees being more susceptible to phishing attempts or other social engineering attacks. In their rush to address urgent matters, employees may inadvertently click on malicious links or disclose sensitive information, opening the door to cyber threats.
Highly heterogeneous environments and expanded attack surface
The healthcare landscape is characterized by a highly heterogeneous environment, encompassing a wide range of devices, systems, on-premise email gateways, and applications from various vendors. This diversity creates a sprawling attack surface, making it difficult for organizations to effectively monitor and secure every endpoint. Cybercriminals exploit this complexity to find vulnerabilities leading to healthcare data breaches and ransomware attacks on hospitals and other healthcare providers.
Lives at stake and increased ransom payment likelihood
Unlike other industries, the healthcare sector deals directly with people's lives and well-being. This heightened stakes increase the likelihood that healthcare organizations may succumb to ransom demands in the event of a cyber attack. The prospect of patient harm or compromised care compels organizations to prioritize restoring access to critical systems, potentially making them more willing to pay ransoms to regain control of their operations.
Limited funding for IT and security measures
Despite the critical importance of healthcare cybersecurity, funding for IT and security initiatives often falls short of what is needed to effectively safeguard patient data and infrastructure. Budget constraints may result in underinvestment in security technologies, staff training, and infrastructure upgrades, leaving healthcare organizations ill-equipped to defend against sophisticated cyber threats.
Email security: the Achilles' Heel
Among the multiple avenues of attack, email remains one of the most exploited entry points into healthcare systems. Phishing, a tactic where cybercriminals pretend to be legitimate entities to deceive recipients into divulging sensitive information, remains rampant in the healthcare sector. Employees, often inundated with a high volume of emails daily, may inadvertently fall victim to these deceptive tactics, thereby compromising the security of the entire organization.
How to act now: start with an email security check-up for your organization
Learn how you can prevent ransomware attacks and data breaches from disrupting vital services. Download the 2024 Email Security Check-up for Healthcare Providers and discover healthcare cybersecurity solutions.
