The findings from a recent Gartner Peer Insights survey – Cybersecurity in the Healthcare Industry – show that nearly half of participating healthcare organizations have experienced a data breach in the past two years. As the number of connected and unmanaged devices increases, threats targeting IoT, IoMT and OT devices can undermine patients’ confidence in the ability of healthcare organizations, and the industry as a whole, to deliver high-quality care and protect their safety.
What is most concerning about attacks on the healthcare industry is that any of the four most common types of attacks (ransomware, supply chain attacks, Cloud or business email compromise) can trigger serious patient health consequences as a result of cybersecurity failures at the hospital concerned. Also, surprisingly, only 24% of healthcare organizations have MFA authentication policies in place, which is one of the key solutions required to guarantee security in the sector.
Healthcare: the third most targeted industry in 2022
In 2022, cyberattacks rose globally by 38% year-on-year with a surge in attacks on healthcare organizations. Ranked below government and education and research, healthcare became the third-most-attacked industry globally recording an increase of +74% and reporting up to 1,463 incidents per week.
Which unique factors make the healthcare industry more vulnerable?
- End-of-life systems are the chief vulnerability factor while phishing attacks are a shared concern. As legacy systems for network infrastructure, hardware and software continue to prevail across the industry (81%), problems related to maintenance, incompatibility with modern Cloud-based solutions, weak security and poor employee collaboration and patient care persist. This makes EOL the top cybersecurity threat to the healthcare sector.
- Staff shortages or lack of skills (58%), as well as obsolete safety standards (51%).
- The main cybersecurity challenges they will face in the next 12 months: phishing (76%) and ransomware attacks (73%). This is not surprising, as phishing attacks are one of the most common attacks in the healthcare sector and can either take the form of mass email campaigns to trick employees into revealing their passwords or are highly targeted campaigns designed to obtain fake invoice payments.
Since 2018, ransomware attacks on healthcare organizations have cost the global economy $92 billion in downtime alone. Despite this high figure, only 35% of healthcare executives use identity security to deal with security incidents when it is a critical entry point in most attack scenarios.
Which cybersecurity solutions are key for the healthcare sector?
- Secure Wi-Fi to protect smart medical devices: Healthcare IoT devices are often connected on the same network as general-purpose IT equipment, making them more susceptible to infection or attack. By setting up secure Wi-Fi hotspots, healthcare organizations can visualize crucial information such as signal strength coverage, wireless client bandwidth consumption or hotspot usage. This makes it possible to identify potential threats and compromised devices by detecting anomalous traffic.
- Advanced Persistent Threat (APT) Blocker to defeat ransomware: APT blockers analyze behavior to determine if a file is malicious by sending suspicious files to a Cloud-based sandbox to emulate, execute and analyze the code to determine its threat potential. If a suspicious file is deemed malicious, this solution takes action to protect the network and digital assets.
- Secure telemedicine with VPN tunnels: creating drag-and-drop VPNs protects the path from patients to electronic medical records (EMR) by encrypting data communications, thanks to firewall devices.
- MFA to defeat phishing: Human error is one of the biggest cybersecurity challenges, but implementing an MFA solution reduces the danger of weak or stolen credentials.
The healthcare industry needs to understand its weaknesses and improve its security posture from the ground up. At WatchGuard we have created a Security in Healthcare web section to assist with this task. It serves as a guide to understand which cybersecurity solutions are essential to protect this industry and stop it from being a soft target so that healthcare organizations can focus all their efforts on their true purpose: saving lives.