How and why ransomware attacks became the biggest driving force behind healthcare cybersecurity breaches

Healthcare cybersecurity breaches have put the healthcare industry in grave danger.

Now more than ever, the healthcare industry has been falling victim to cyber attacks, which have put the lives of thousands in jeopardy. 

According to the Australian Cyber Security Centre (ACSC), there has been an 84% increase in cyber attacks in the healthcare industry.

The most menacing of these malicious cyber attacks is ransomware, which can lock up computer systems and coerce organisations into paying a hefty sum of money to release them.

With the health industry working at capacity due to current events, it has become an attractive target for cybercriminals.

When a hospital falls prey to a ransomware attack, it loses access to vital IT systems and has no choice but to comply and pay the attackers to save the lives of its patients.

In this post, let’s explore the factors that have made the healthcare industry the favourite target for cybercriminals.

Electronic health records (EHR) and remote working

Most healthcare facilities have modernised their IT systems and have started using EHR instead of the old way of storing records in file cabinets—about 96% of hospitals use EHRs nowadays.

Although EHRs have made handling patient information faster and easier, they have also increased the attack surface for ransomware. Unless these records are encrypted, hackers can find their way in and take control without much resistance.

In addition to this, many hospitals have opted to have a portion of their workforce work remotely due to COVID-19, which has created a pathway for cybercriminals to gain access to healthcare networks through Remote Desktop Protocol (RDP) connections and initiate ransomware attacks.

Studies have shown that Ryuk ransomware has been targeting RDP connections in the healthcare industry more than ever.

The third-party ecosystem

Hospitals have a significant third-party ecosystem consisting of visiting doctors, other clinics, and medical supplies and equipment providers connected to their networks.

The healthcare institution may become affected if the third-party vendors experience a ransomware attack, as cybercriminals can infiltrate the primary network through them.

Hospitals need these third parties to keep their operations going, meaning the third-party ecosystems will continue to persist and be a potential gateway for cybercriminals to stage ransomware attacks, unless they are protected with the latest security methods.

Inadequate cybersecurity training

Most healthcare professionals do not possess the knowledge to handle cyber threats or have the skills to identify cyber threats like phishing, which could let ransomware in.

Unfortunately, hospitals do not invest enough in awareness training for their employees or their cybersecurity infrastructure—only 33% of hospitals and clinics have proper cybersecurity systems in place—making them an easy target for cybercriminals. 

Lack of recovery plans

Some hospitals do not have recovery and backup plans to help them in the event of a ransomware attack. This may be due to time or budget constraints.

Without a proper recovery plan, however, hospitals can only choose to pay their way out of a ransomware attack.

Outdated IT systems and equipment

Cybercriminals always keep their malicious tools up to date. They know that cybersecurity experts always find new ways to keep them out, so they up their game.

Hospitals, especially older ones, however, still have outdated IT systems, making them vulnerable to healthcare cybersecurity breaches.

It is estimated that 22% of healthcare institutions rely on outdated medical equipment that is not supported by vendors, and 26% are unaware that vendor support is available.

Hospital equipment like MRI and X-ray machines is expensive, and hospitals keep it as long as possible. Eventually, the software for these devices becomes obsolete, making them easy targets for new and more sophisticated forms of ransomware attacks.

Healthcare cybersecurity breaches—an act that endangers lives

Ransomware attacks on the healthcare industry are a terrifying reminder of how low some people are willing to go for financial gain. These attacks have caused millions of dollars in damage to healthcare facilities and put countless lives at risk.

Fortunately, the healthcare industry can improve its cybersecurity posture and prevent these horrible attacks from happening in the future.