More than one in three healthcare bodies have suffered a cyberattack within the last year, while almost one in ten have paid a ransom or extortion fee. That’s according to a survey by a cybersecurity software firm.
Healthcare data is valuable on the dark web as it contains highly sensitive data, financial and protected health information, says Imperva. As a result, healthcare bodies are increasingly attractive to attackers, the cyber company adds. With the introduction of web-based healthcare portals and remote patient mobile technology, managing security within healthcare organisations has become more difficult, it’s claimed.
The cyber firm’s survey of 102 healthcare IT people, carried out at the 2018 Healthcare Information and Management Systems Society (HIMSS) conference, found that 77 percent of respondents were very concerned about a cybersecurity event striking them and 15 percent admitted that their organisation’s ability to handle a cyberattack needed work.
Terry Ray, chief technology officer at Imperva, said: “Attackers understand the value of the data held by healthcare organizations, and as a result, they are quickly becoming a sweet spot for hackers looking to steal large amounts of patient records for profit. There have been a number of incidents recently where cybercrime has impacted hospitals and left them unable to access patient data, which demonstrates the consequences of a successful attack. It is crucial that healthcare organizations take steps to protect their data. To retain patient trust, organizations must provide an excellent defense at all times.”
Survey respondents were asked what attacks caused them the most concern, and the most cited response was ransomware (32 percent). In the last year, there have been numerous examples of hospitals suffering ransomware infections, where they have been left at a complete standstill and unable to access patient data. Attackers know that if a healthcare organization does not have a mitigation strategy in place, they will likely opt to pay a ransom, rather than risk losing access to patient files entirely. However, research has shown that half of organisations never get their data back even when they do pay the ransom.
As for insider threats, respondents were most concerned about careless users (51 percent). About a quarter (27 percent) said a lack of tools to monitor employees and other insider activities makes detecting insider threats difficult. Thirty-two percent indicated that collecting information from diverse security tools is the most time-consuming task when investigating or responding to insider threats.
Terry Ray added: “As we’ve seen in past high-profile cases, data breaches caused by careless, malicious or compromised insiders are a very real threat. However, because the user has legitimate access to enterprise data, attacks from the inside can take a long time to detect. To mitigate the risk, organizations should ask themselves where their sensitive data lies and invest in protecting it. Businesses can employ solutions based on machine learning technology to process and analyze vast amounts of data. This will help them pinpoint critical anomalies that indicate misuse of data, so they can quickly quarantine risky users to prevent any further issues.”
When survey respondents were asked about incident response, 26 percent revealed they do not have a plan in place, while an additional 28 percent of respondents admitted that their healthcare body does not have a chief information security officer (CISO).
To see the survey results, visit bit.ly/2s2gYlq.