Note: this article ties into our June webinar series with Edward Stringfellow and Daniel Buchanan, listen to the whole webinar here: June 2023 Webinar – Top 5 Cyber Threats to Healthcare | Stringfellow Technology
In recent years, the frequency of cyber threats, including phishing, hacking, and email attacks, has seen a dramatic surge, affecting entities of all sizes across various sectors. A sector that’s been hit particularly hard is healthcare, with the effects being felt from local clinics in Nashville to national healthcare institutions. The troubling statistic is that over 32 million healthcare records are currently compromised, highlighting the importance of understanding the top cybersecurity threats to healthcare practices.
The fallout from these cyber breaches can be enormous, with the average financial fallout from a healthcare data breach sitting around 9 million dollars. Even more alarming, cybercriminals often infiltrate systems and lurk unseen for nearly a year before launching their attack. This article aims to shed light on the top five cybersecurity threats that healthcare practices face.
1. The Prevalence of Social Engineering Attacks in Healthcare:
Social engineering, usually through phishing or email attempts, stands as the most significant threat to healthcare practices. Cybercriminals have become adept at using voice calls (vishing) and text messaging as tools for deception. Despite big tech companies like Microsoft assuring users they’d never ask for passwords over a call, many continue to fall for such tricks. This reality underscores the urgent need for ongoing security awareness and training.
For more information, see this report from HHS: 202208181300_The Impact of Social Engineering On Healthcare_TLPWHITE (hhs.gov)
2. Understanding Ransomware Attacks and Their Impact on Healthcare Practices:
Ransomware attacks typically follow successful phishing attempts. These attacks result in hackers encrypting files, making it impossible for healthcare practices to access crucial data, such as billing information, claim files, or entire Electronic Health Records (EHRs).
For more information, check out this report from Chief Healthcare Executive: FBI: Healthcare hit with most ransomware attacks of any critical sector (chiefhealthcareexecutive.com)
3. Loss or Theft of Equipment: A Persistent Threat to Healthcare Data:
Loss or theft of physical equipment poses a constant threat. It can potentially leading to sensitive data ending up in the wrong hands.
For more information, check out this article: Lost and found: Keeping track of healthcare equipment | Healthcare Dive
4. Insider and Malicious Threats: A Hidden Danger to Healthcare Systems:
While the probability of such threats is decreasing, there remains a risk. There can be insiders causing harm to the system, either intentionally or by being exploited by external threat actors.
For more details, see this article: Insider Threats: In the Healthcare Sector (cisecurity.org)
5. Protecting Connected Medical Devices from Cyber Attacks:
Attacks on connected medical devices are mostly relevant to larger hospital systems. They typically have a broader array of connected devices.
As Daniel aptly highlights in the webinar, patient safety must be central to this conversation. Medical providers are bound by the Hippocratic Oath to “do no harm.” This principle should extend to the realm of patient data. A data breach can lead to the leak of sensitive information, such as names, addresses, and social security numbers, causing lifelong consequences for patients, such as identity theft and financial fraud.
In a world where technology and patient care are deeply intertwined, healthcare practices need to ensure the safety of patient data.
Despite various communication tools available, healthcare continues to rely heavily on email, making it a prime target for hackers. With the average worker receiving about 80 emails a day, one wrong click can lead to a serious data breach.
Understand these top cybersecurity threats to healthcare practices and continually refreshing safe computing practices. This is paramount in the ongoing battle to protect patient data and maintain secure healthcare systems.
Listen to the whole webinar here:
June 2023 Webinar – Top 5 Cyber Threats to Healthcare | Stringfellow Technology