Healthcare in the crosshairs of cybercriminals
According to Radware's 2018-2019 Global Application and Network Security Report, healthcare was the second most affected industry by cyberattacks in 2018, after public sector. In fact, about 39 percent of organizations in this sector were attacked by hackers on a daily or weekly basis, and only 6 percent said they had never experienced a cyberattack.
Increasing digitization in healthcare is helping to increase the industry's attack surface. And it is accelerated by a number of factors: the widespread adoption of Electronic Health Records Systems (EHRS), the integration of IoT technology into medical devices (software-based medical devices such as MRIs, ECGs, infusion pumps), and the migration to cloud services. In fact, the increasing use of medical IoT devices makes healthcare organizations more vulnerable to DDoS attacks: Hackers are using infected IoT devices in botnets to launch coordinated attacks.
Accenture estimates that data loss and related outages will cost healthcare companies nearly $6 trillion, or euros, in 2020, up from $3 trillion in 2017. Cybercrime could have a devastating financial impact on the healthcare sector over the next four to five years.
According to the aforementioned Radware report, healthcare organizations saw a significant increase in malware or bot attacks, with social engineering and DDoS attacks also growing steadily. Even though the number of ransomware attacks has decreased overall, hackers continue to hit the healthcare industry hardest with these attacks. And they can be expected to further refine ransomware attacks and likely hijack IoT devices to extort ransoms. In addition, cryptomining is on the rise, with 44 percent of organizations experiencing a cryptomining or ransomware attack. Another 14 percent experienced both. Yet few healthcare providers are prepared for such attacks.
Why the health service?
The healthcare industry is approached for a number of reasons. A key one is money. Healthcare spending accounts for 20 percent or more of GDP worldwide, making the industry a financially attractive target for cybercriminals. And according to Radware's report, medical data trades higher on the darknet than passwords and credit card information.
"Regardless of the motivation, ransomware and DDoS attacks pose a dangerous threat to patients and providers," said Michael Tullius, Regional Director DACH at Radware. "Many diseases are increasingly treated using cloud-based monitoring services, embedded IoT devices, and self- or automated administration of prescription drugs. Cyberattacks could seriously endanger people's lives and well-being in the process."
Recommendations
Securing digital assets can no longer be delegated exclusively to the IT department, but is increasingly becoming a matter for the top management of healthcare providers. Radware experts recommend a number of measures to proactively address cyberattacks in healthcare:
- Continuously monitor and scan for vulnerable and compromised IoT devices and take appropriate remediation action if the need arises.
- Create and implement password management policies and procedures for devices and their users; ensure all default passwords are changed to strong passwords.
- Install and maintain antivirus software and security patches, and update IoT devices with security patches as soon as patches are available.
- Installation and configuration of a firewall to restrict incoming and outgoing data traffic
- Segmentation of networks, if necessary Restriction of access to network segment
- Disable universal plug-and-play on routers unless it is absolutely necessary.
- Where appropriate, use of cloud services from specialist providers to defend against cyberattacks
