Data shows that cyberattacks are on the rise in the healthcare industries worldwide, but institutions in the sector are unable to protect sensitive data from hackers.
As the global pandemic continues to increase the number of victims by the minute, it’s only natural that the entire attention is on the global healthcare system. Employees, employers, families, every average person on this planet is looking towards medical specialists for a solution to end these uncertain times caused by the COVID-19 pandemic. But, it seems that the global healthcare sector also has full attention from hackers and cybercriminals.
Since the Coronavirus pandemic outbreak, health records have become a precious commodity, which, to hackers, translates into an “expensive” commodity. As a result, during the second half of 2020, the number and intensity of cyberattacks on hospitals and other institutions in the health system increased significantly.
It’s not just the increased interest in health data that has led to the rise in cyberattacks in the sector. It’s also the rise of telemedicine as a result of the lockdowns and other social distancing restrictions. More precisely, as people were locked in their homes and told to avoid physical contact with other people as much as possible, telemedicine became a significant trend in healthcare. Doctors would use technology to deliver care and other health services to their patients. But while this helped people around the world stay safe, it opened the doors to an array of opportunities for hackers interested in stealing health data.
Image source: https://unsplash.com/photos/ZCO_5Y29s8k
Healthcare cyberattacks data that stands out
The pandemic conditions didn’t make the job of cybersecurity experts any easier. Quite on the contrary, the last year in pandemic was a pretty lucrative period for hackers.
2020 saw many changes like remote work models, an increase in “bring your own device” policies, as well as the rapid shift to digital and cloud-based services, a shift that was rarely done correctly and securely due to the rush.
Opportunistic hackers then quickly understood that these new conditions caused by the pandemic left institutions without any protection against their schemes.
The result?
- The NHS, UK’s National Health Service reported that in 2020, it was targeted with almost 14 thousand phishing emails that aimed to fool the recipient into giving away confidential and sensitive data. Later, the institution reported that over 100 inboxes were compromised by hackers and were sending malicious emails to their contacts.
- Last year in June, a ransomware attack that targeted a hospital in Colorado made five years of patients’ medical records become impossible to access.
- In the US, healthcare breaches increased by 55.1% from 2019 to 2020.
- Experts estimate that over 26 million patient records were exposed to unauthorized people in the US last year, of which 24.1 million were exposed due to healthcare cyberattacks.
- Earlier this year, in February, the Oxford University Lab studying COVID-19 was attacked by hackers who succeeded in gaining access to many systems in the lab, including the technology used to prepare biochemical samples that were used in COVID-19 research.
It’s clear that hackers are now more than ever interested in stealing health data, no matter the consequences. But that’s not all. What’s really worrying is the fact that these healthcare institutions targeted now more than ever before by hackers don’t seem to have enough cyber protection in place to resist the attacks.
In a survey that included Fortune 1000 companies in the healthcare system, 80% of them reported being the victim of at least one cyberattack in the past five years. However, only 18% of them claim that they believe that the security built into their medical device products is capable of offering protection against hackers. On the flip side, 80% of organizations report that the cybersecurity products used are not robust enough to prevent a cyberattack.
Besides that, only 13% of IoMT leaders in the healthcare system believe that their companies are prepared to deal with future cyber threats. 70% of them believe they are prepared but at an average level. As for 17% of them, they shared in the survey that the company they run or work for is not prepared for cyberattacks at all.
The impacts of healthcare cyberattacks can be devastating
When healthcare institutions seem to have a hard time protecting the most sensitive data of patients worldwide, one can only wonder what impact these cyberattacks will have, not only on the average person but on the entire global nation.
When attacking health institutions, hackers aren’t just messing with one individual’s data. They can potentially affect millions, if not billions of people from around the world, especially in these uncertain times.
Why do hackers want to steal health records and data? For multiple reasons, including selling them on the dark web, for identity theft, or sometimes simply to mess with people and prove to themselves that they are capable of cracking into medical systems that are supposed to have tough and robust protection.
Stolen medical data can have tremendous consequences, particularly today when the wellbeing of every single person on this planet is at risk due to the COVID-19 virus.
More precisely, stolen or deleted patient records, as was the case at the hospital in Colorado, will make the job of doctors a lot difficult to treat certain patients. Since records become inaccessible, doctors can no longer see their patients’ medical history, which burdens the process of treating these patients.
On a bigger scale, stolen data can affect people from all around the world. For example, stolen data from research laboratories that are currently focusing all their efforts on finding the right vaccine and treatment for the COVID-19 virus affects not only the researchers but also the entire planet as the discovery process is stopped or held back.
Healthcare cybersecurity is now, more than ever before, essential. Everyone in the industry, from doctors and nurses to key medical leaders, everyone must pay more attention to keeping health data safe.