Health tech companies are “extremely lucrative” for hackers, according to experts. As unrelenting cyber attacks continue to rise, we look at the steps you can take to protect yourself and your business…
Hackers don’t attack randomly – they make educated and calculated decisions based on what they think they can gain. In the case of the NHS, its public embarrassment and power over sensitive information – ideal weapons for financial manipulation. When they target private businesses, they zone in on the health tech sector for a similar reason.
Cybercrime – the data
According to an FBI report, there were a record 847,376 complaints of cybercrime reported by the public in 2021. SMBs lost $212,000 in 2021 due to cyber incidents that affected suppliers with whom they share data.
And the numbers are only rising, as there were 50% more cyberattacks per week on companies compared to 2020.
Cyber attacks & health tech
Ross Brewer, vice president for EMEA and APJ at AttackIQ, told Health Tech World that health tech businesses are “extremely lucrative” for hackers. The large quantities of sensitive patient records stored are, apparently, partly to blame.
He said: “Because medical personally identifiable information is so confidential, regulators take data breaches in the healthcare sector extremely seriously.
“The penalties for a cyber-attack can be costly and it is partly for this reason that cyber-attacks in the medical sector cost businesses more than in any other sector last year.”
Ross Brewer
Why hackers attack healthcare in general
In the most recent NHS attack, fear spread about the loss of sensitive patient data, and medics were left grappling with disrupted services including ambulance dispatch, prescriptions and the 111 helpline.
The UK health system was accused of “sleepwalking” into a cybersecurity disaster unless they dug deep and paid the necessary funds for increased security.
That – or pay much more in the long run as hackers continue to be successful.
Ross continued: “As we saw with the recent NHS 111 cyber-attack, ransomware can also have long-term ramifications for the delivery of healthcare.
“Disruptions to hospital IT systems can leave healthcare workers forced to take patient care notes by hand.”
Cyber attacks “getting more frequent”
“These attacks are only going to become more frequent as time goes on, so it’s imperative that health tech chief information security officers (CISOs) ensure that their cyber defences are up to date and regularly tested.”
Stay protected from business cybercrime
Being aware that you could be a target, and being able to “stress test” your defences, is a good place to start in protecting your business.
Ross continued: “It’s no good waiting for an attack to happen, healthcare boards need to be more proactive by checking the efficacy of their controls and patching where necessary.
If healthcare businesses don’t get there first, they can be sure that attackers will find and exploit them.
“Fortunately, the industry is always collecting information about the latest tactics and techniques of the cyber-criminals attempting to steal patient information.”
MITRE ATT&CK
“The globally accessible MITRE ATT&CK knowledge base allows CISOs to test their defences against the methods of attack they’re most likely to meet in the real world and strengthen areas that don’t successfully repel attacks.
“In a recent survey of our own customers, endpoint detection and response controls only worked 39 percent of the time. This is testament to the vital importance of testing and improving cyber defences, considering the human cost associated with disruptive ransomware attacks, or lost patient data.
Why cybercrime is a growing business concern
Harman Singh, director of Cyphere, told Health Tech World that hackers will quickly adapt to the world around them – making it a problem which can not be solved permanently.
He continued: “For example, during 2021 till date, cybercriminals targeted the healthcare sector with pandemic themed malicious campaigns. It resulted in data breaches and ransomware attacks disrupting business operations. This industry experiences one of the highest numbers of data breaches annually.
“At the heart of organisations are data sharing and health records exchange between departments and other units, including surgery centres, facilities, labs, staff stations, patient rooms, pharmacies, and external suppliers (third party).
“Adding MedTech evolution and cloud connectivity to the mix muddles things up even more when it comes to data collection for various uses. The lack of a formal audit, in which third-party auditors verify that the IT controls governing logical boundaries are sufficient and effective, results in COVID-19.
“The expanded boundary of trust by default opens up new technical possibilities unavailable to regular users who must rely on informal monitoring and self-control procedures instead.
How cybercriminals exploit your weaknesses
Cybercriminals employ a variety of attack vectors to target internet-facing digital assets of an organisation, including phishing attacks.
Harman Singh added: “To gain a foothold on the healthcare organisations’ network quickly, attackers target vulnerable and unmonitored internet-facing assets. As a result, it is easier to connect and execute additional activities as per Cyber kill chain phases”
In recent years, the following weaknesses have been exploited heavily by organised crime groups:
- Remote Desktop Protocol (RDP) or Virtual Desktop endpoints
- Insecure configuration of web servers, system management, Electronic Health Record (EHR) software
- Trivial or weak authentication mechanisms such as weak passwords, flawed authentication implementations
- Remote connectivity software product vulnerabilities
He added that unsupported platforms such as Windows Server 2003, Windows Server 2008, with weakened security due to the wrong choice of passwords.
Don’t miss…
Cyber attacks on healthcare will “just keep coming” – experts warn
