Healthcare groups today face more security threats than ever before. Hence, it is increasingly critical for organizations to have a functional healthcare cybersecurity strategy and system in place. The rise in electronic health records and electronic medical devices has increased the volume of data that passed through health systems. The troves of patient data have attracted cybercriminals who seek to steal and resell data to the dark web or hold it hostage for a ransom.
These attacks have grown more sophisticated with improved phishing campaigns, rattling IT executives enough to reconsider their current security strategies and adopt and deploy newer cybersecurity technology to fend off attackers. Considering the sensitive nature of the data that belongs to healthcare organizations, buyers must take extra care to understand why and how they are vulnerable and the most common security threats they face.
How cybercriminals target healthcare cybersecurity
The multi-surface attack is the most common method for cybercriminals to target healthcare organizations. First, the attackers scan public-facing IP addresses to detect common exploits in web services and other unpatched applications. Next, a flood of phishing email targets every email address that comes from a website directory or other email sources. When users click on some of the links included in these phishing email messages, the hackers can exploit those identified holes in the system and penetrate deeper into the victim's network.
Data breaches are not always the result of lack of security tools or data protection policies. Hackers are able to discover vulnerabilities in IP cameras, HVAC control systems, web servers, IoT and computer systems. In some cases, they can gain access through password leaks or even the use of simple and predictable passwords. Unfortunately for hospitals, every new piece of technology provides another source for attackers to target. Devices that patients bring home also pose a large healthcare cybersecurity risk because they extend outside hospital firewall protections.
Editor's note: With extensive research into the cybersecurity market, TechTarget editors have focused this series of articles on vendors with considerable market presence that offer security platforms targeted for healthcare organizations. Our research included Gartner, Forrester Research and TechTarget surveys.
The most common cyberattacks against healthcare groups
Despite the security concerns around IoT devices, mobile devices and cloud services, the bulk of the attacks that hospitals currently experience include one or more of the following:
- Spear phishing and phishing scam. Attackers send email messages to unsuspecting users posing as a known manager or co-worker, containing a link that redirects them to a malicious website where users inadvertently download viruses and ransomware.
- Impersonation. Attackers impersonate bank alerts, LinkedIn, Netflix and even Microsoft Teams messages that ask users to visit a look-alike website, requiring them to log in, which exposes their passwords to the attackers. It can be difficult for busy hospital employees to distinguish between fake and real email, increasing the risk of password leaks and even possible ransomware infections.
- Ransomware. The code behind ransomware is simple, yet a crippling encounter can shut down a hospital's EHR for days. If an admin executes some code that they had either downloaded accidently from the internet or received via email, then the code simply scans all the accessible file shares and begins the silent and damaging process of encrypting all files. While this is happening, the code sends the encryption key to servers in foreign countries and into the hands of the criminal who hold the data hostage for ransom.
- Cryptojacking. This rising threat involves hackers who target computers across one or multiple organizations and use the computer's processing power to mine cryptocurrency on their behalf. With the rise of cryptocurrency use, the only way to increase digital currency funds is through receiving a cryptocurrency transfer or mining it by using multiple computers or machines to support the blockchain network and, in return, receive small amounts of cryptocurrency. But attackers quickly realized that they can simply infect thousands of computers with hidden code that can mine currency across all infected systems and then send the money to their account.
A reliable healthcare cybersecurity system can protect an organization against these attacks and more. Data leaks and branches can also result in much larger financial and reputational consequences, so buyers must know the full scale of both the threats they face and the benefits they can draw with effective healthcare cybersecurity in place.