Why are Data Breaches in the Healthcare Industry Rising Rapidly?

Posted by Geraldine Hunt on Thu, Nov 26th, 2020

Florida’s Agency for Health Care Administration received the preliminary findings of a review launched by the state’s Inspector General on January 2.  The review was in response to a data breach involving 30,000 Medicaid recipients on November 15, 2017.  The breach was a direct result of a staff member clicking on a malicious phishing email, giving the attacker access to the patient database. The data obtained by the hackers included names, addresses, Medicaid identification numbers, birthdates and social security numbers.  The agency states that because of the attack, they are implementing an extensive training program for their employees in order to thwart similar attacks in the future.  They claim that thus far, the stolen information has not been improperly used.

This incident is just the latest in an ongoing acceleration of cyber attacks targeting the healthcare industry.  According to BusinessWire, 2017 saw a 23.9% increase in cybersecurity incidents involving the healthcare industry with a total of 3,442,7748 records being compromised for the year.  In recent years, medical records have become the targets of choice amongst hackers as the confiscated data can be used to support identity theft and financial fraud.  Not all of these incidents involve data breaches.  Ransomware extortion attacks are also very common in the healthcare industry due to the criticalness of getting data back online to serve patients.  In fact, according to a Verizon report, 72% of all healthcare malware attacks are ransomware related.  

Unfortunately, the onslaught of cyber attacks levied on healthcare organizations is forecast to expand into 2018 as the IDC predicts that one in three medical records will be compromised this year.  According to FBI research, the healthcare industry in the US annually loses between $74 billion and $246 billion.  It is clear that the industry must do more to address this crisis

Why the Healthcare Industry is so Vulnerable to Cyberattacks

Two significant factors make them overly vulnerable.

1. The first aspect is the growing proliferation of IoT devices in ICU facilities, operating rooms and patient care networks.  According to the IDC, 2018 will see a significant implementation of machine learning based healthcare as IoT devices become ubiquitous throughout the industry.  By 2019, it is estimated that more than 40% of global healthcare facilities will be actively utilizing IoT and this year will mark the full implementation of machine learning algorithms in healthcare.  Unfortunately, IoT devices often lack the necessary resources required for endpoint protection when compared to other types of IT devices.  This makes them the weak link in the chain when infiltrating enterprise networks. Security analysts predict that cybercriminals will be targeting hundreds of thousands of IoT devices in the healthcare sector this year.
2. Another derivation for the vulnerability in the healthcare industry is the fact that a majority of healthcare organizations have been slow to prioritize cybersecurity.  As a result, they lack the resources and personnel to properly combat cyber attacks.  A recent survey found that 8 in 10 healthcare organizations lack a cyber security officer and 54% concede to not routinely conduct risk assessments.

2018 Will See a Greater Focus on Cybersecurity

It appears however according to a study published by the Center for Connected Medicine called “Top of Mind 2018 Survey of Technologies,” Healthcare organizations are putting a serious focus on cybersecurity.

• 92% of organizations plan to spend more in 2018 to prevent data breaches and cyber attacks
• 67% plan on adding cybersecurity staff
• 54% plan on investing in technology solutions that will aid them to identify and detect cyber threats before they have the opportunity to conduct their damage
• 17% are planning to open bitcoin wallets as part of their preparedness for ransomware attacks

A common theme throughout the report is the realization that cybersecurity must become a top-down strategic initiative.  Healthcare system executives across the board said they plan to invest in technologies to help improve overall strategy and response times when it comes to cyber threats. Organizations that lack the resources to fund internal staffs are planning to invest in outside services such as monitoring services and cybersecurity assessment consultants.

According to the ECRI Institute, a greater focus on best practices and end-user education will pay the largest dividends for healthcare organizations:

• A greater diligence needs to be applied to patching and updates
• Combatting emails embedded with hyperlinks and malware can serve as the first line of defence against ransomware or malware attacks
• Continuing education should be provided to all levels of staff as the last line of defence
• An attention to backing up all data using the 3-2-1 strategy

It needs to be mentioned that ransomware may be maturing as a form of malware and thus may evolve into new forms that may, in fact, be able to expand beyond direct physical connections.  The one certainty of ransomware is that maintaining a well-designed working backup solution will serve as an effective measure against the lasting effects of ransomware, no matter how it may evolve one day.

The fact that healthcare organizations are the proprietors of so much rich data makes them a primary target of cyber attacks.  The healthcare industry is also vulnerable because of medical devices with weak security and the use of legacy IT systems. With the start of the New Year, every healthcare organization needs to reevaluate its cybersecurity strategies as attacks are increasing in sophistication and force.  

Are you an IT professional working in the healthcare sector, that wants to ensure sensitive data and devices are protected?  Talk to a specialist or email us at info@titanhq.com with any questions.