Technology is advancing at breakneck speed and alongside there is increased chances for data breach. All industries are transforming their data into digital format with the help of data conversion services to easily share, archive and secure the vital information. In the healthcare industry, data protection is always a priority, and compliance and security are also required. In today’s connected world, data has more value than any other commodity in hospitals, doctor’s offices, pharmaceutical companies and other healthcare organizations and these data are prime targets of cyber criminals.
Healthcare provider networks are often under attack by ransomware. According to the 2017 Security Metrics Guide to HIPAA Compliance, healthcare organizations accounted for more than 36 percent of last year’s reported data breaches. With cyber attacks on healthcare organizations on the rise and cyber criminals developing advanced tools and methods to hack patient data, healthcare data security has become very important.
Types of Cyber Threats
The main reason why the healthcare industry is targeted is the number of different systems that are not patched regularly. Some of these embedded systems cannot be easily patched on account of their particular design. Healthcare data includes critical information such as patient data, social security numbers, and insurance details among others, and theft of such data will put patients’ well-being at stake. Cybercriminals are investing more time and resources into exploiting and monetizing healthcare data.
The following are the security threats healthcare industry has to watch out for:
- Theft of patient data: Healthcare data is more valuable compared to financial data to cyber criminals. As per the Trend Cybercrime and Other Threats Faced By Healthcare Industry report, stolen medical insurance ID cards sell for at least $1 on the dark web and prices for medical profiles start at $5 each. According to the Trend Micro report, the data from ID cards can be used be used to get government documents such as driver’s license, which sell for about $170. Each time cyber criminals come up with new techniques to steal health data.
- Phishing: This is a popular cyber attack to gain entry into a system. It can be used to install ransomware, crypto mining scripts, spyware or code to steal data. According to a study by KnowBe, healthcare is on par with most other industries in terms of being victimized by phishing. Healthcare organizations with 250 to 1000 employees have not received security awareness training and have 27.85 percent chances of falling a victim to phishing. Usually organizations with 1000 + employees are more likely to be phished. This is because the organizations with fewer employees get more training and operating at a higher level of sophistication.
- Cryptojacking: Healthcare industry is a common target for cryptojacking because the systems always keep on running. In a healthcare system the systems keep running throughout and this becomes more beneficial for cyber criminals to attack data. Crypto mining codes do not harm systems but it consumes a lot of computing power and the right way to identify this is when systems and productivity slows down. Some cryptojackers will throttle their code to lessen the detection risk. Many healthcare organizations do not have the IT or security staff to identify and remediate that kind of cryptomining attacks.
- Insider threats: According to a recent report by Verizon Protected Health Information Data Breach Report, 57.5 percent of threat occurs from within the organization and only 42 percent were external. Majority of insider breaches are motivated by fun or curiosity, by accessing data outside their job responsibilities.
- Ransomware: According to Cryptonite Healthcare Cyber Research report of 2017, hackers believe that ransom attacks are more likely to succeed because hospitals, medical practices and other healthcare organizations do not want to put human lives at risk. They feel compelled to take immediate action. The effect of ransomware when a healthcare organization cannot recover quickly can be damaging.
How to Prevent Healthcare Security Threats
- Train employees: Train your employees not to click on phishing emails. They should learn to recognize phishing attempts, and avoid them.
- Be careful with information: If the phishing attack is more personalized, then there is a greater chance it will succeed. In a phishing attack, the attacker tries to learn as much as possible about the targeted individual. So keep your information safe and be careful while handling data.
- Identify the risk prone areas: Analyze your healthcare organization’s chances for risk i.e. understand the risk around your end users, all of the applications, back and front end systems, your remote locations and so on. Leading healthcare organizations identify risk around their entire business and apply security breach practices.
- Defend and respond to threats: Often, healthcare providers fail to appropriately investigate an incident. They also lack the staff to fully remediate so that this never happens again. So the first step is to prioritize security and make sure that you have a dedicated CISO with applicable experience. Small healthcare providers may not have the resources to hire CISO but must prioritize security implementation.
- Understand that data breach can happen to anyone: Healthcare data is more valuable than ever before and all types of healthcare data can be at risk. The best way to prepare for a breach is to acknowledge the fact that it can happen and will happen at any time. This will help ensure more vigilance.
Good healthcare security architecture is always built around people, process and technology. Extreme care must be taken when utilizing third party solutions such as data conversion services. Cybercriminals are always finding stealthy ways to get around security measures and obtaining the required information while healthcare organizations are striving to protect against these data breaches. Therefore healthcare organizations should always be proactive in implementing strong security measures to counter any new security threats and not wait until the attack happens. It is most important to educate all users and employees because as humans they are often the weakest link in the chain.
