4 min read  | Cybercrime

Can vulnerability management services minimise data breaches in the healthcare industry?

According to a report published by the Office of the Australian Information Commissioner, there were over 446 reported incidents of cybersecurity breaches across different industries in Australia during the first quarter of 2021. 

Over half of these attacks took place in the healthcare industry. 

Interestingly enough, the report highlighted that ransomware attacks are a significant concern, with over 60% of organisations suffering an attack over a 12-month period. 

Ransomware attacks (where hackers block access to data unless a ransom is paid) are the leading form of cyber security breach in the healthcare industry and, as the incident at UnitingCare Queensland shows, can disrupt hospital operations in several ways. 

Let’s explore why ransomware is the leading cause behind cybersecurity breaches and why the healthcare industry is particularly susceptible to it.  

Why ransomware is the leading cause behind healthcare cyber security breaches

Ransomware has become the biggest cause behind healthcare cyber security breaches in 2021 for several reasons. Here are some of them. 

Medical organisations have poor data security standards

When compared to finance and IT, the medical industry does not have a robust cybersecurity infrastructure. 

Over 66% of hospitals and medical providers failed to conform to the protocols outlined in the National Institute of Standards and Technology Cybersecurity Framework, while another survey revealed that most healthcare organisations spend over 5% of their IT budget on cybersecurity. 

Lower cybersecurity standards make the industry a tempting target for hackers. 

Part of the reason for the lax cyber security in the healthcare industry could be due to a lack of regulation. The medical industry does not have a comprehensive legal framework for healthcare data security. 

There are signs, however, that this will change in the future.

In December 2020, the Security Legislation Amendment Bill was read to the Australian Parliament to improve cyber security infrastructure in different industries, including healthcare. This development will hopefully lead to better cyber security standards in the future. 

Poorly secured medical devices make for an easy target

Medical devices can improve healthcare, but there are some concerns about their security capabilities. 

Depending on the hospital, there could be 10 to 15 or more medical devices per patient bed. When thousands of devices are connected to each other or to the internet, it is difficult to create a secure network. 

This issue is compounded by the security of each individual device: most medical devices do not receive the security updates needed to guard against cyber attacks. 

A sprawling network of such devices is hard to defend, making it much more difficult to create a secure environment that hackers cannot enter. 

Medical data is valuable 

When compared to data from other industries, medical data commands a high price, making it a lucrative target for hackers. 

Records on a single patient can sell for $150 on illicit channels, whereas credit card data fetches only a few dollars. 

Medical data is crucial for hospital operations, which is why it commands such a high value. Without it, hospitals cannot provide care to patients or complete administrative operations. This also explains why hospitals tend to give in to ransomware demands. 

Research suggests that 6 out of 10 hospitals tend to pay the ransom, which only encourages hackers to double down on the tactic.  

Hospital staff lack cyber awareness training

Cyber security risks in healthcare are often worsened by staff ignorance. According to a PwC survey, only 50% of healthcare respondents said they consider cybersecurity in their business decisions. 

The lack of cybersecurity in planning and administration creates a situation where staff do not receive the necessary training in security. 

If staff are not trained in cybersecurity, they may keep using devices without noticing the signs of a breach. This lack of awareness means hackers can enter the system and collect data well before an alarm is raised.    

On average, it takes medical organisations over 236 days to detect a cyber breach and another 93 days to mitigate the damage, giving hackers ample time to enter the network and hold the data to ransom before the breach is even noticed.

A lack of cybersecurity awareness training makes it much harder to block cyber attacks.   

Mitigating ransomware attacks with Triskele Labs 

The medical industry has been the frequent target of ransomware attacks due to a lack of standardised cyber practices, training for medical staff, and proper cybersecurity infrastructure.

To mitigate cyber risks in your healthcare organisation, you need to examine your cybersecurity infrastructure: assess your medical technology, staff awareness, and security practices, then use your findings to develop a roadmap that will raise your cybersecurity standards.

If you are looking for a certified cybersecurity consultant that can reduce healthcare cyber security breaches, then Triskele Labs can help. 

Our CREST-registered team can assess your infrastructure and help you develop a roadmap to help you guard against ransomware attacks.