Security challenge for the healthcare industry

According to the 2020 IBM Cost of a Data Breach Report, the monetary cost of recovering from a cyberattack is significantly higher for healthcare organisations. The price tag increased by 10% between 2019 and 2020. It is around $7.13 million. But more concerning than monetary losses is the human cost. In the November of 2020, German officials attempted to prove that the death of a patient was the direct result of a ransomware attack. This is because of the shutdown of the hospital’s infrastructure.

Since the Wannacry ransomware attack against the UK’s National Health Service in 2018, the specter of cyberattacks has loomed large on healthcare institutions. Patients’ information’s are being data breeched or a more dangerous encryption of data. But as breaches continue to occur, they are forced to look at the inherent flaws of most healthcare institutions’ approaches to threat defense. In January 2021, ransomware attacks against healthcare orgs had jumped about 45%. This spike followed an alarming 71% increase in the October of 2020.

The reason behind cybercriminal’s determination to breach the security of hospitals and healthcare providers is simple, leverage. There is nothing that will motivate a victim to pay up more than endangering the health and safety of individuals. The value of medical information is even higher than other types of personal identifiable information. Double-extortion ransomware, whereby threat actors steal data before encrypting their target’s systems, is significant among the cybercriminal gangs. They can monetise on their efforts twice.

Because of the pandemic, already valuable clinical trial and research data also became even more appealing to the threat groups. Philadelphia-based medical software company eResearch Technology was hit with a ransomware attack. In that instance, attackers were able to shut down a number of clinical trials eResearch Technology provided tools to. Medical devices, just like operational technology, run an operating system. When these machines are connected to the network, they can be targeted by an attacker. The secret to beat threat actors is to think like them. We need to shift security postures to make sure we make it too time-consuming and expensive for a hacker to launch an attack.

Improving detection capabilities is a key component of shifting this paradigm. Deception allows organisations to stop lateral movement. By distributing deceptions that mimic genuine IT assets throughout the network, attackers are essentially trapped in a net of fake connections. This can trigger an alert if an exploit is attempted. Deception technology alerts are generated by real attacker movements within a network. As threats continue to mount for organisations in the healthcare sector, it is literally a matter of life or death.