Cyberattacks that target important infrastructure, like healthcare, pose a serious threat to public health and safety. Criminal disruptions of hospital computer networks can have tragic consequences.
Most recently a bad cyber actor was arraigned on charges arising out of a cyberattack on a medical centre. The attacks disrupted phone service, information from a digitising device and disabled network printer service. In this case, the person was the chief operating officer of a network security company.
This cyberattack on a hospital not only has disastrous consequences on health services but patients’ personal information can be compromised. The FBI and Department of Justice (DOJ’s) law enforcement partners are determined to hold accountable those who allegedly put people’s health and safety at risk. This case is still being investigated by the Federal Bureau of Investigation (FBI) and they are committed to holding accountable those who endanger the lives of patients by damaging e-systems essential to the operation of healthcare facilities.
According to an article, cybersecurity incidents targeting healthcare organisations have become more prevalent and impactful over the years. A report found that ransomware attacks cost the healthcare industry a collective $20.8 billion in downtime in 2020. The number of ransomware attempts against the healthcare industry rose by 123% in 2020. The COVID-19 pandemic was a particularly serious time for the industry when the healthcare sector could not afford downtime due to cybersecurity attacks.
Another report found that 92 individual ransomware attacks occurred at healthcare organisations, and 600 clinics, hospitals and organisations were affected. In addition, more than 18 million patient records were impacted by these ransomware attacks, a 470% increase from 2019. In fact, 2020 brought the most ransomware attacks on healthcare providers in the past five years as hackers collected more than $2.1 million in ransom payments.
Double extortion attacks against the healthcare industry are a key strategy among bad actors. In a double extortion attempt, hackers steal the data and save copies in their own storage. Then they encrypt the data to prevent access. The hackers can then extort the victim for the decryption key and to keep the data off of the dark web.
There have been threats specifically targeting COVID-19 vaccine research, as well as the upstream and downstream supply chains of its development. This attack vector may continue for the foreseeable future as data around COVID-19 vaccine research and distribution may provide valuable insights at a nation-state or corporate espionage level.
Experts say healthcare organisations are easy targets for ransomware attacks because they cannot afford to lose access to patient records. Hospitals are more likely to pay ransoms on time as they cannot operate long without patient data as it will put patient health at risk. To protect against ransomware and other cybersecurity risks, companies should deploy machine learning and advanced threat protection-enabled endpoint protection.
Experts recommend zero-trust principles to combat ransomware threats. As reported by OpenGov Asia, in the light of many cyberattacks, the U.S. government has resorted to zero-trust security, a model that assumes all traffic on a network could be a threat and requires every user to be authenticated and authorised before being granted access to any sensitive application or data.
While zero-trust security doesn’t protect networks from every possible attack, it reduces risk, speeds up threat detection and closes gaps in visibility. It is tailor-made for a world where cloud computing and an ever-increasing number of mobile devices are increasing the network attack surface and demanding finer-grain security controls.