Organisations are becoming increasingly susceptible to attacks that threaten day-to-day work and compromise confidential patient data and safety. Healthcare organisations are struggling to keep pace with the rapid increase in, and sophistication of, attacks against them. With attackers increasingly looking to profit from the disclosure of sensitive patient data, healthcare organisations should have strong technical security controls in place to reduce the risk of data breaches.
66% of healthcare organisations say they experienced a ransomware attack in 2021, an increase from 34% in 2020.
74% of ransomware attacks were aimed at hospitals, and 26% at secondary institutions like dental services and nursing homes.
The average cost of a healthcare data breach was $9.6 million in 2021. So, it’s clear that data breaches are one of the biggest challenges for the healthcare sector. The emphasis is on proper device management and monitoring and encryption of sensitive data related to patients and their medication. Data breaches exposed at least 42 million records between March 2021 and February 2022.
Modern-day hospitals are one humongous basket of healthcare-related data. All healthcare professionals utilise connected medical devices to treat patients. With such frequent use of medical devices and equipment, secure access to them is paramount. Unfortunately, most hospitals don’t give much importance to this aspect, and it becomes a cause of major cyberattacks. Around five million unsecured medical devices were running through IoT and IoMT in 2020. This gives attackers a chance to access insecure devices and take complete control.
Ransomware is a subset of malware in which attackers encrypt the data on a victim’s computer and demand payment for decryption and the return of access. Of all the new-age cyberattacks healthcare professionals face, ransomware is the most dangerous. Globally, ransomware accounted for 304.7 million attacks in the first half of 2021, an increase of 151% since 2020. Cybercriminals deliver these attacks through trojan viruses that infect computers, or through phishing emails in which users click on a link to download an attachment.
Medical professionals do not have the necessary expertise to recognise and mitigate cyber threats. Budget, resources, and time constraints mean it’s simply impossible for all healthcare staff to be fluent in cybersecurity best practices. A report analysed by Health IT revealed that nearly 24% of health employees in the U.S. hadn’t received any cybersecurity awareness training to help identify phishing scams.
Too many threats to healthcare cybersecurity exist to ignore the risks. In addition to exposing personal patient data to theft for financial gain, a security breach can cost lives. Increasing cybercrime requires a cybersecurity strategy that addresses specific cyberthreats in the retail sector and revolves around the following components:
Dionach has led the way in developing cyber security programmes in conjunction with NHS Digital with an aim to understand and improve the security posture of NHS Trusts across England. As a trusted cyber security partner for healthcare organisations, our long-standing 23-year background, combined with our in-house innovation and research team, enables us to stay on top of the latest cyber security threats to healthcare and empower organisations to meet the challenges faced in today’s complex cyber security landscape.