ThreatSTOP Blog

Cybercrime Against Healthcare Soars During COVID-19

Written by Ofir Ashman | February 24, 2021

Healthcare has been one of the most severely impacted industries by the still-menacing COVID-19 virus. The sudden global pandemic created a surge in demand for clinical care, medical equipment, healthcare technologies and eventually - a solution. All of these and more rely on information technology. From making appointments and delivering healthcare to patients, to using internet-connected medical devices and developing vaccine research, COVID-19 response is vulnerable to cyber attacks on all levels. Being by far the most pressing issue today, it comes as no surprise that attackers are exploiting the difficult situation healthcare institutions are facing to wreak havoc and cash in on their struggle.

The first few months of COVID-19 boasted big-name healthcare attacks, such as the ransomware attack on Champaign-Urbana Public Health District, or the takedown of critical systems at Brno University Hospital in the Czech Republic. On top of that, the WHO detected that attacks on their systems had doubled during this time, and the U.S. Department of Health and Human Services was purportedly victim to an attempted DDoS attack. But attacks on healthcare didn’t just stop there. Check Point technologies reports a 45% increase in attacks against healthcare organizations globally since the 1st of November, 2020. This is more than twice the increase seen in other industry sectors.

 

Are healthcare organizations prepared for cyber attacks?

Unfortunately, the answer is not really. While they are being highly targeted by the most sophisticated (did someone say ransomware?), healthcare is one of the most ill-prepared industries in face of a cyber attack. According to Healthcare Finance News, only 4-7% of a healthcare institution’s IT budget is allocated for cybersecurity, less than half of what other sectors invest in their security.

The attacker’s equation is simple then. Healthcare is an industry that has:

  • Vital, precious information to steal
  • Critical, life-saving activity that cannot afford to be halted
  • The weakest security

For hackers, the current state of cybersecurity in healthcare makes it an easy-to-seize jackpot. Lisa Rivera, a partner at Bass, Berry and Sims who focuses on healthcare security shares that estimates show a whopping $5 billion in costs annually due to cyber attacks on the healthcare industry.

 

ThreatSTOP's security recommendations for healthcare institutions:

1. Overcome the underinvestment hurdle

Rethink your security measures and procedures. Are you properly protected from a cyber attack? Does the product in use offer a solution for malware that has already breached your network? Search for the most cost-effective security solution for maximum protection while still fitting in your budget. With that being said, make sure you're not underinvesting. Spending a bit more on security today will save so much more later if you've been breached.

2. Establish a "security culture"

Cybersecurity training for all employees is a must. So many employers overlook this critical step while building their protection plan, yet most breaches occur due to human error. Educating employees and preparing them for phishing and hacking attempts will greatly minimize the amount of potential attacks on your network. Staff should make sure they install software only after getting consent, and all devices containing patient medical information should be protected with encryption. If you have staff working from home or on remote devices, they should use a VPN to ensure secure connections over any internet infrastructure. Constantly check which personnel and devices have access to health record systems and perform access control accordingly.

3. Prepare a clear incident response plan

Test your systems and processes – is your incident response team ready for a breach today? Determine if your plan follows all the key phases of a good incident response plan – preparation, incident identification, damage containment, eradication, recovery and restoration, and feedback for future cases. Collaborate with device vendors for incident response in case of medical devices or clinical information systems.

 

Ready to try ThreatSTOP in your network? Want an expert-led demo to see how it works?