Healthcare has become an increasing target of ransomware and other cyberattacks since the emergence of the COVID-19 pandemic. Indeed, a wave of cyber onslaughts crept into healthcare organizations once the WHO declared the coronavirus outbreak a pandemic. With passing days, however, a growing number of cyberattacks have strangulated the healthcare industry worldwide. The recent healthcare ransomware attacks on three organizations demonstrate the bleak and concerning picture within the industry. It includes healthcare ransomware attacks on the Irish national service, Waikato hospitals in New Zealand, and Scripps Health in San Diego.
An Expanding Attack Surface
The attack surface of healthcare has swollen significantly over the last two decades. It happened because of the introduction of electronic health records (EHRs), telemedicine, and wireless medical devices. The pandemic has only accelerated the use of the above-noted innovations.
The adoption of EHRs has made data theft and healthcare ransomware attacks more damaging for healthcare organizations. On top of it, it increased the possibility that cyberattacks will disrupt even the essential operational ability.
Likewise, enabling remote work has made it effortless for attackers to access healthcare networks through the staff. The particular concern refers to the inescapable utilization of remote-access VPNs and remote desktop protocols (RDPs) by hospital employees. Both technologies can present significant dangers and risks to organizations. By 2020, cyber attackers expanded their focus on remote desktop protocols by 768%, alongside remote-access VPNs.
Furthermore, experts have measured a 25% increase in data breaches and a 123% jump in healthcare ransomware, according to the latest estimates. At the same time, healthcare organizations have been facing cyberattacks from all corners. So, cybercriminals leverage the same security weaknesses that have long affected the industry.
Exploiting Weak Email Phishing Defenses
Cybercriminals exploit several techniques to penetrate networks. Nevertheless, one of the top choices remains the option of email. There are various reasons for leveraging the choice of email. The significant cause remains an increasing chance of success because of the lack of awareness or training about phishing by staff.
One of the 2019 studies in the Journal of the American Medical Association demonstrates an exceedingly worrying picture concerning phishing. According to the study, researchers sent nearly three million simulated phishing messages to employees working in different healthcare organizations. Surprisingly, as large a number as 422,062 clicks had taken place. It signifies an incredible number of recipients fell prey to the given trap.
Outdated and Unpatched Systems
In the healthcare industry, the continual use of outdated and unpatched systems remains a long-running problem. Essentially, the issue originates from budgetary pressures. It includes the equipment (such as MRI machines) cost and handling an exceptional IT security operation.
A 2020 IoT Threat Report published by Palo Alto Networks reveals a shocking fact regarding legacy systems. It states that 83% of medical imaging equipment runs unsupported Windows operating systems in healthcare organizations in the US. Unfortunately, the equipment continues to function unpatched against familiar vulnerabilities.
Third-Party Security Risk
The presence of third-party ecosystems in hospitals poses several security challenges. The third parties may range from medical clinics, diagnostics laboratories, and outside doctors to equipment suppliers, software providers, and billing services.
The direct impact hits the hospital when any of the third parties get compromised. Usually, many outside organizations possess direct access to patient information. If not, some of them contain privileged access to the network of the hospital.
Healthcare has always been a target of cybercriminals because of its valued individual and financial information. But the shift to more violent and dangerous strategies puts a considerable burden on this sector. The tactic may include healthcare ransomware extortion and double-extortion. Meanwhile, the increasing risk of healthcare ransomware and cyberattacks stresses the significance of being prepared in advance. An organization can deal with cyber onslaughts if it increases investments in cybersecurity and has well-developed incident response plans.