The healthcare industry is under attack for a reason. Cybercriminals view it as a place that’s ripe for “big wins,” and the number of large healthcare institutions recently falling victim to data breaches shows they’re having success.
But, what exactly makes healthcare such a popular target among today’s cyber criminal community? In this post, we’ll take a look at what’s so appealing to malicious hackers about the healthcare industry, including:
Cybercriminals that are able to penetrate healthcare networks gain access to sensitive information through medical records. The value of a stolen record is based on its ability to be replaced. For example, credit cards are easy to replace. It simply involves a phone call to the card issuer and a trip to the bank to get a new one. Patient records and other human data, however, are difficult if not impossible to replace. EMRs serve as a one-stop-shop thanks to the availability of full names, social security numbers, addresses, and more.
This information can be used for financial fraud outside the healthcare industry and if the victims’ health insurance information is gathered, criminals can then sell the information for even more money on black markets. In fact, one Medicare number can reportedly sell for nearly $500 on today’s black market (up to 10x the amount of a credit card number). Health insurance information can be leveraged for medical fraud, and arms criminals with the information needed to access free medical care, prescriptions, or even the ability to buy expensive medical equipment that can be sold for profit.
Lastly, stolen medical data can go undetected for much longer periods of time than something like a credit card, which is often closed within days of a breach.
More internet-connected medical devices and systems are being incorporated into the framework of healthcare than ever before. As a result, cybercriminals are being provided with more avenues of ingress and surfaces to attack than ever before.
Connected devices like drug pumps or pacemakers that are commandeered by cybercriminals could have fatal consequences. However, cybercriminals also try to breach non-life threatening devices to gain access to systems. Newly introduced connected medical devices are especially vulnerable to threats, as security can oftentimes take a backseat to device performance and convenience across the industry.
Once cybercriminals find their way into networks, they aren’t just using access to steal patient data. In the past year, there have been a number of instances where ransomware was used as a means for quick financial “wins.” With ransomware attacks, cybercriminals seize control of systems and lock them up until the institution pays them currency for returned access. Healthcare institutions are often pressured into paying the sums of money being asked as prolonged downtime can be damaging to reputation, and more importantly, patient safety.
While ransomware, or even more traditional denial of service attacks (DDoS) will likely continue to be a popular attack method against healthcare organizations, data we have uncovered here at Fortinet suggests that cybercriminals may now be expanding this ransom-based attack strategy to the manufacturing industry.
With so many connected pieces of medical equipment and different types of software being run, it’s a challenge for healthcare organizations to successfully defend against attacks. Inadequate budgets and a lack of skilled security personnel, combined with the hurdles presented by a variety of security needs, are all holding healthcare institutions back, and cybercriminals are aware of their struggles.
The industry’s vulnerability makes it an easy target for criminals as a result. A attacker targeting a healthcare organization often has the luxury of gathering a little bit of information from one system, and then moving on to their next target without being detected. The number of vulnerable systems in an existing healthcare network makes it simple for them to collect a bunch of small wins over time that can equate to a big win overall.
Larry Ponemon, chairman and founder of The Ponemon Institute, recently stated, "As evidenced by the headline-grabbing data breaches over the past few years at large insurers and healthcare systems, hackers are finding the most lucrative information in patient medical records. As a result, there is more pressure than ever for healthcare organizations to refine their cybersecurity strategies."
There’s both truth and urgency in this statement. Today’s healthcare organizations need to think about ways to speed up and improve their security. Comprehensive cybersecurity solutions that address today’s borderless attack surface make it possible for healthcare institutions to be both secure and high-performing at the same time.
Let’s get a conversation going on Twitter! How is your organization protecting against cyber criminals looking for their big win?