Cybercriminals are drawn to healthcare networks

Increased digitization in healthcare is a contributor to the industry’s enlarged attack surface. And it is accelerated by a number of factors: the broad adoption of Electronic Health Records Systems (EHRS), integration of IoT technology in medical devices (software-based medical equipment like MRIs, EKGs, infusion pumps), and a migration to cloud services. A hospital room is equipped with an average of 15-20 devices connected to the internet in today's world of healthcare. The proliferation of medical and internet-connected devices in healthcare brings both clinical benefits and security risks.

Indeed, the increasing use of medical IoT devices makes healthcare organizations more vulnerable to DDoS attacks; attackers use infected IoT devices in botnets to launch coordinated attacks. Since healthcare IT systems contain sensitive patient data, the sector has long been a target for hackers. Cybercriminals are drawn to healthcare networks because of widespread flaws that offer lucrative opportunities, which is why attacks are on the rise. Ransomware-as-a-service has become the norm in the cybercrime community in the healthcare industry this year.

“Globally, ransomware attacks have been one of the biggest threats to cybersecurity, particularly in the healthcare sector. As per Sophos’ The State of Ransomware in Healthcare 2021 report - 34% of healthcare organizations were hit by ransomware in the last year. Hospitals and health systems are, quite unfortunately, ripe for ransomware and other cyberattacks. Some of the factors most responsible for the rise in healthcare-targeted cyberattacks are due to the nature of the industry itself, like decentralized operations across hospitals and healthcare providers, and exponentially growing volumes of patient health information being captured and stored electronically (i.e. electronic health records) by health systems.

Healthcare providers need to invest in technologies like EDR with human-led threat hunting, deploying lightning-fast incident response, risk assessment so that they know what threats they face, understand the vulnerabilities and assess the likelihood of being attacked. Cybercrimes are advancing at a rate which we can no longer afford to ignore. If everyone does their part by implementing stronger security practices, raising community awareness, educating vulnerable audiences, our interconnected world will be safer and more resilient for everyone.