Cyber Security Threats in Healthcare

Cyberattacks have been targeting the healthcare industry, among the biggest industries in the US, in the 2018 period. The implication is that it has come time to improve the protection of institutional and patient information with a more tailored approach to this threat. In comparison with other industries, many health organizations have engaged in inadequate investment in cybersecurity while spending approximately as much money as other industries. It is quite worrying when phishing cyberattacks, as well as breaches of patient databases, become as serious as life-threatening scenarios.

Healthcare attracts cybercriminals because of two basic reasons. First, healthcare is usually a great source of valuable and important data, and it has weak defenses. Secondly, breaching allows for stealing health data, while ransomware attacks on health facilities can comprise attacks on inserted medical devices. These breaches potentially decrease patient trust, disrupt health systems as well as threaten people’s lives. This means that there is certainly a sense of urgency for providers of healthcare services as well as health institutions to have and put in efforts in cybersecurity.

Healthcare networks comprise both clinical departments and inpatient facilities and telemedicine practices, providers of healthcare in rural areas, monitoring of online medical devices, as well as multi-cloud environments. Presently, game-changing technologies make use of mobile devices, social media, cloud computing, and the Internet of Things, which signify an increasing number of access points. Also, security strength differs broadly. People’s data sources can easily be integrated together to take advantage of high-value items such as medical identity and financial assets.

Remarkably, many of the cyberattacks on these institutions are aimed at having marginal monetary income and normally do not comprise revenge against certain institutions or people. The biggest motivating factor for cybercrime in healthcare involves the value found in the obtained personal information. A 2015 report regarding healthcare data security by Ponemon shows that the normal data breach cost for healthcare institutions is appraised to be over $2.1 million whereby criminal attacks that involve the lead cause of breaches in this industry, which is an increase of 125 percent in comparison to five years ago. The money obtained from every stolen data set may be into thousands of US dollars, which depends on the kind of information attained and the extent to which the patient data set is complete. Stolen medical information and identities can have many uses, including the victim’s attempt at gaining coverage, fraud done by organized criminals, and massive deception.

Also, it is likely to only take a cyberattacker a few seconds or minutes to comprise the institution, but detecting the breach, evaluating the damage, and security initiatives to avoid similar kinds of attacks in the future may take weeks to months. A novel, highly preferred approach founded on healthcare institutions heavily depending on outsourced services and vendors is known as Attach to Software Supply-chain. This specific extent of cyberattack is risky for organizations since they have access to an extensive base of potential breaching points. Often, this is accomplished by directing traffic from the major domain to an infected domain, direct comprising the vendor’s software, and targeting providers of outsourcing hosting services. Further normal cybercrime risk comprises ransomware and malware, phishing attacks, illusion websites, cloud illusions, as well as employee compliance.  

 Cyberattackers may disable or damage devices, servers, as well as networks through malware. Ransomware involves an extended form of malware in which a monetary demand is normally made on the promise of restoring the services.

A common method involves phishing attacks, whereby a large number of emails are normally sent to an organization with addresses that apparently seems to be sent from a trustworthy sender. Normally, this action seeks to obtain sensitive data such as login credentials as well as user data so that to breach the account or the system.

Increasingly, cloud systems are being adopted as a reputable source for healthcare institutions to store big quantities of data, including PHI (Protected Health Information). This has been perceived to be a regular weak spot within the institutions, arising from inappropriate network encryption.

Trends defined by smart illusion websites are increasingly becoming popular presently. Website addresses look very similar to renowned sites and may easily be misread at a quick glimpse. They can make a strange user share access or even enter PHI and personal information, including social security or credit card information.

A little examined but significant risk factor is employee error. Essentially, the weakest link in various computer systems normally involves an operator. A whole health institution can become susceptible to cybercrimes due to unencrypted devices, weak or nonspecific login credentials, and failure in other compliance measures.

The popularity as well as convenience of telemedicine, together with the increasing advancement in medical technology, enable most inserted medical devices to be examined and adjusted, as well as data recorded just by being linked to the internet. These medical devices come with breach risk as well as susceptibilities like other computer servers and systems. Also, it is vastly suggested that manufacturers of devices and providers of healthcare that insert the devices adopt more security measures to make sure total safety of the patients.

Protection of systems is not as easy as it appears since healthcare facilities are unusually technology-saturated, intricate organizations with sophisticated complexity, regulatory burdens, as well as internal politics. HealthIT.gov5 provides top suggestions to improve cybersecurity in these institutions. They include the following: establishing a security culture, protecting mobile devices, having good computer behaviors, having a firewall, installing and maintaining antivirus software, planning for unanticipated outcomes, controlling PHI access, limiting network access, as well as controlling physical access. A universal approach does not fit well with all institutions, even with these basic suggestions. Adopting new security measures can happen through the use of present technology resources, critical patient care aspects, and each organization’s needs.

Considering the complexity of current healthcare networks, sharing of PHI is normally done internally as well as externally throughout different multidisciplinary terms as well as services. The result is organizational demands to be transparent and visible across the whole user surface, particularly using cloud-based storage to examine the threat, ensure compliance, as well as respond to integrated systems to network changes.

Even though the healthcare industry has been behind the curve in regard to monetary investments in cybersecurity, it has been slightly ahead of the cure in relation to device communication encryption. Even though this provides security for the PHI data in a network, it leads to a higher need for examining both outbound and inbound encrypted information because of the possibility of concealed malware as well as disguised stolen information being obtained from the network. All Internet of Medical Things (IoMT) inventory devices can be used in tracking and referencing them occasionally against any disclosure.

A popular cybersecurity approach involves the adoption of firewalls to safeguard the institutions’ information technology systems. There are several forms of firewalls, which depends on external or internal network processes. Majority of organizations use a packet filtering firewall, application of level gateway, and a stateful inspection firewall. The standard one is a packet filtering firewall, which works as an internal electronic feed filter and basically safeguards HER (electronic health record) security. Status inspection firewalls are utilized in verifying the relationship between received electronic feeds with past filter feeds. An application-level gateway serves as a gatekeeper for the institution’s network once IP web scans for threats before forwarding the page to the end users. External network connections are normally accessible in this kind of firewall by way of a gateway to avert external incursion into the institution.

With the rising IoMT devices’ dependency on work-done functionality, institutions are also likely to seek to reinforce network segmentation. A segmented-strategy method can help achieve this by utilizing an NGFW (next-generation firewall). NGFWs basically incorporate a conventional firewall with added network device sorting abilities. NGFWs are set to address segmented data and users and to monitor traffic moving through a network or across various domains. Thus, a healthcare organization can oversee multiple points of the network to regulate data, users, as well as users.

Also, healthcare organizations have failed to invest available resources as well as time to sufficient training for identifying threats, handling susceptibilities, as well as halting breaches of security. Focus on healthy computer practices and constant education can ensure that all employees of the organization are responsible for safeguarding patient information. Establishing a cybersecurity protocol would benefit network users as well as organizations together to follow a certain chain of command in case of a cyberattack.

The healthcare sector has remained behind other industries in terms of cybersecurity progression and has not been protecting present shareholders due to ineffective systems protection. Organizations in this industry ought to take the required steps to enhance security measures, as well as constantly put cybersecurity efforts in line with ever-advancing cyber criminal capabilities.

Did you like this example?

418

22