Connect with us

Hi, what are you looking for?

HEADLINES

Meeting the healthcare sector’s unique cybersecurity challenges

In 2020, more large healthcare data breaches were reported than in any other year, according to a recent report by IntSights, a Rapid7 company.

By Paul Prudhomme
Head of Threat Intelligence Advisory, IntSights, a Rapid7 company

In August 2021, as many citizens in Manila looked to get vaccinated against Covid-19, the city’s vaccination website was attacked by hackers 133 times.

The city’s mayor later told news outlets that “troll farms” were possibly behind the hit on the vaccination registration site, seeking to deny real users from using it.

The attacks were not the only cyber threats facing the Philippines’ healthcare sector during the pandemic, as it tried to help citizens navigate the crisis.

Advertisement. Scroll to continue reading.

Earlier, in November 2020, a software tool that healthcare workers in the Philippines used to share data about Covid-19 cases was found to contain multiple flaws that could potentially expose patient data.

Researchers at a laboratory at the University of Toronto discovered vulnerabilities in the Covid-Kaya platform’s Web and Android apps that allowed unauthorized users to access private data about the platform’s users, according to cybersecurity news website Threatpost.

These incidents are reminders of the need to manage cybersecurity risks as healthcare providers digitalize rapidly to improve patient care and meet the urgent demands of a pandemic.

The Philippines is certainly not alone here. In the Italian city of Lazio, cyber attackers managed to disable the Covid-19 vaccination booking system last year, preventing citizens from getting their vaccination appointments for days.

Hackers likely believed this would pressure the Italian authorities to pay up the ransom to unlock the systems they had disrupted through a cyberattack.

Advertisement. Scroll to continue reading.

Unsurprisingly, during the pandemic, cyber attackers have sought to exploit the confusion and fear of citizens and government agencies, hoping to cash in as victims often became desperate in life-and-death situations.

In 2020, more large healthcare data breaches were reported than in any other year, according to a recent report by IntSights, a Rapid7 company.

In addition, 2021 saw five consecutive months (March through July) in which industry data breaches have been reported at a rate of two or more per day.

While cybersecurity is a threat to all organizations, healthcare providers face some unique challenges, particularly during the pandemic.

For starters, the personal details in protected health information (PHI) are useful for criminal groups that wish to commit identity and insurance fraud.

Advertisement. Scroll to continue reading.

Once data such as social security numbers of medical records are leaked on underground criminal forums on the Dark Web, they can be reused and exploited repeatedly.

While it is true that the healthcare sector is highly regulated in terms of security and data protection, this can sometimes work against organizations in the sector.

For instance, cyber attackers may count on victims in the healthcare sector to pay up a ransom because they would otherwise incur a hefty fine from government regulators for losing patient data.

This could give them additional leverage compared to, say, a victim in another sector that does not have the same stringent regulatory oversight.

Another unique feature of the healthcare sector is the medical devices that are connected to a network all the time.

Advertisement. Scroll to continue reading.

IntSight’s study in the United States found that some healthcare providers had not been updating their devices with the latest firmware because they were worried this might void the approval already received from the Food and Drug Administration.

Although the authorities only ask that significant modifications be sent for approval, some providers become “over compliant” and end up not updating the software on their devices.

As a result, these devices could be left in a vulnerable state for years – many of them run for a decade or more – and act as a perpetually open door for cyber attackers to enter.

There is yet another worrying thing for the healthcare sector. Despite the value of highly personalized data that can be stolen here, the price of unauthorized access to a healthcare organization is relatively low among criminals.

The lowest price in a data sample that IntSights obtained, from monitoring underground criminal networks, was just US$240, for access to a Colombian healthcare organization.

Advertisement. Scroll to continue reading.

This could be because of a perception that it is relatively easy to steal data from a healthcare organization or simply that there is an oversupply of such information.

These findings from IntSight’s global study offer valuable lessons for Southeast Asian healthcare organizations, particularly on how to reduce their risk and improve their security posture.

Here are four important steps:

  1. Establish priorities: Find and address the most critical vulnerabilities first, then identify which assets are most likely to be targeted
  2. Integrate cyber threat intelligence: Discover threats before they arrive at your doorstep, then tailor defenses against them.
  3. Build robust ransomware defense: Use offline backups and strong encryption; avoid the temptation to pay off a ransomware gang.
  4. Balance usability and cybersecurity: Use multi-factor authentication on a mobile app and limit remote access to a bare minimum, for example, to reduce risk.

Increasingly, cyber criminals are seeking more effective ways to pressure their victims to cough up ransoms. Besides stealing and locking up precious data, they also extort victims by threatening to expose sensitive data.

For healthcare organizations, the key to overcoming such new cybersecurity challenges is first understanding the unique risks that the sector faces and trying to keep a step ahead. Constant vigilance has to be the norm.

Advertisement. Scroll to continue reading.
Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

The attackers used a series of campaigns with novel exploits and customized malware to embed tools to conduct surveillance, sabotage and cyberespionage as well...

HEADLINES

Financial phishing attacks are rapidly increasing in the country as cybercriminals continuously evolve and adapt their tactics, making them sophisticated. The number of attacks...

HEADLINES

A Scale of Harm study by the International Justice Mission revealed that almost half a million Filipino children were trafficked to produce new child...

HEADLINES

Yondu launched an extensive, month-long cybersecurity awareness campaign focused on modern threat detection, incident response, and social engineering defense.

ELECTRONICS

Philips EasyKey partnered with Megaworld and equipped their world-class properties with only the best-in-class smart locks we have on offer, the Philips EasyKey 9300.

HEADLINES

The PLDT wireless unit is also calling on customers to report these messages to Smart’s HULISCAM portal for further action.

HEADLINES

Here are some tips from Sophos for staying secure online during the cybersecurity awareness month.

HEADLINES

While only 21% of hackers believed that AI technologies enhance the value of hacking in 2023, 71% reported it to have value in 2024....

Advertisement