Healthcare: A Major Target for Cyber Threats

stethoscope on computer keyboard

 

Healthcare Industry Threats

Organizations within the healthcare industry– including all three sectors services, products, and finance are all vulnerable to cyber threats due to the many patient records they digitally store. As a result, healthcare organizations are an enticing target to cybercriminals looking for financial gain. To protect patients from financial distress, it is advised that senior leaders within healthcare organizations begin to look at their patients’ cybersecurity as another essential component of the care they provide. 

 

According to The AHA Center for Health Innovation, patient data targeted by cybercriminals includes protected health information (PHI) and personally-identifying information (PII) such as social security numbers, and financial information. Healthcare organizations are an appealing target for criminals because stolen health records often will sell for more money. There are many ways health records can be used to turn a profit including extortion, fraud, identity theft, data laundering, and selling stolen data via the dark web to the highest bidder.

 

What’s at Stake

If an attack is successful, a breach could ignite a domino effect of negative repercussions for the organization and its patients. To the patient, a breach could directly impact their healthcare provider’s ability to care for them, besides the fact that their personal and financial information may be compromised. An unfortunate example took place in May 2017 when Britain’s National Health Service (NHS) was hit with the ransomware “WannaCry”, which prevented several hospitals across England and Scotland from performing necessary patient surgeries. This breach was accredited to the name “Eternalblue,” which was given to the Microsoft Windows vulnerability that was exploited to carry out the attack, affecting over 200,000 computers in over 150 countries. 

To healthcare organizations, the remediation of a breach could come with an extremely high price tag. According to IBM Security, the cost of remediation following a healthcare breach is, on average, three times the cost of remediation in other industries. The average price is $408 per stolen health record, compared to $148 per other record types.

 

Recent Attacks on Healthcare

In June 2022, over 31 significant breaches of around 10,000 or more records were reported stolen, with the most significant breach affecting just under 1.3 million people, according to HIPPA Journal

 

Top June 2022 Healthcare breaches:

Texas Tech University Health Sciences Center

  • Cause: ransomware
  • Individuals affected: 1,290,104

Baptist Medical Center

  • Cause: ransomware
  • Individuals affected: 1,234,031

MCG Health, LLC

  • Cause: unspecified hack
  • Individuals affected: 793,283

Yuma Regional Medical Center

  • Cause: ransomware
  • Individuals affected: 737,448

 

What To Do 

Cybercriminals spend most of their time searching for gaps and vulnerabilities to exploit within organizations. The healthcare industry has a target on its back. Senior-level leaders must heed the breaches within their industry and take action to implement tools that will aid them in filling these gaps. Threat detection tools will increase visibility across the growing threat landscape, so organizations can be notified of a cyber threat before a breach. Threat detection tools such as an XDR platform will provide organizations with extended visibility, analysis, and response across networks and clouds in addition to apps and endpoints. Industry leaders should also consider hiring a third-party SOCaaS that will monitor their entire digital infrastructure 24/7, allowing less opportunity for cybercriminals to impact their organization and its patients negatively. 

 
AgileBlue SOC| XDR

AgileBlue is a SOC|XDR  platform that is proven to detect cyber threats faster and more accurately across your entire digital infrastructure and cloud. We provide 24/7 monitoring, threat detection, cloud-based SEIM, and response to identify a breach before it occurs. Are you ready to patch the cracks in your digital infrastructure? Please fill out the form below, and one of our experts will be in touch with you shortly.

Written by Peter Burg

Peter Burg is Director of Business Development at AgileBlue, partnering with organizations who are looking for ways to make IT and cybersecurity work. Peter currently resides in Minnesota and is a big baseball fan.

August 15, 2022

You May Also Like…

Request a Demo

AgileBlue is a software company with an innovative SOC-as-a-Service for 24X7 network monitoring, cloud security, data privacy and compliance.

Our modern SOC-as-a-Service is built on innovative machine learning and autonomous execution. If you would like to discuss our SOC-as-a-Service, Partner Program or schedule a brief demo please give us a little info and we will contact you immediately.