The healthcare industry is one of the main business lines that is directly influenced by the developments in the world of technology. While we have seen significant developments in treatment standards and patient care with the integration of new technologies in the sector, cyber-criminals try to exploit cyber weaknesses that may arise in this transformation process. As cyber-attack methods have developed and varied today, the healthcare industry is under threat like never before.
A wide range of attack vectors including ransomware threatening the integrity of the healthcare industry, data breaches threatening patient security, as well as DDoS attacks disrupting the patient care capacity of healthcare organizations, may cause serious problems in terms of cybersecurity.
Besides, a cyber-attack against the health system not only threatens data security but also the life of patients. In this blog post, we will discuss, by giving examples, how cyber-attacks might threaten the healthcare industry, and we will explain the measures to be taken to all-around access security. First, we will give the most up-to-date information on how much healthcare organizations are influenced by cyber-attacks.
The European Union Agency for Cybersecurity (ENISA) prepared a report on the cyber-attacks organized against the healthcare industry in the European Union (EU) countries. Cyber incidents that occurred from January 2021 to March 2023 were mapped and studied in this report, which is the first of its kind as it exclusively targets the healthcare industry.
According to the report, 53% of the healthcare organizations in the European Union member countries were exposed to a cyber-attack at least once from January 2021 to March 2023. 42% of the hospitals were exposed to a cyber-attack at least once in the same reporting period.
Ransomware attack is the most preferred (54%) attack method used by cyber-attackers against healthcare organizations in the EU member countries. It is another notable fact in the report that data leaks occurred in 43% of these attacks. The system was disrupted in 46% of ransomware attacks. As we have already mentioned at the beginning of this blog post, this is not just a problem related to patient data but poses a significant risk to human health.
Besides, sensitive data related to the personal and health conditions of the patients were mostly (30%) targeted throughout the reporting period. The report revealed two basic negative effects, which were data theft (43%) and disruption of healthcare services (22%). Disruption of healthcare services was induced by two main factors. First, the service capacity of healthcare organizations was disrupted (82%) and then, the service delivered by health authorities was suspended (12%). According to the ENISA report studying cyber incidents from January 2021 to March 2023, the median cost of cyber-attacks targeting healthcare organizations is 300,000 euro.
Ransomware attacks, which draw attention in the ENISA report, were also notable in the healthcare industry section of the DBIR report by Verizon. In the report, which studied 525 cyber-attack incidents and 436 confirmed data breaches targeting the healthcare industry, the primary patterns of attacks included unauthorized access to the system, basic Web application attacks, and breaches of professionals working at healthcare organizations realized through ransomware actors.
98% of the attacks were driven by financial motivation, displaying a scenario where external threats (65%), internal threats (35%), and a combination of external and internal threats (2%) played a role. The data hacked had a relatively homogeneous distribution; personal data (67%), medical data (54%), and credentials (36%).
Sensitive data of hundreds of thousands of people integrated into the healthcare industry around the globe are being threatened through the use of various cyber-attack vectors. Three recent incidents might be useful in showing why the healthcare industry should actually benefit from more advanced systems in terms of cyber security.
Atlantic General Hospital submitted a report to the Attorney General's Office in Maine, including an updated statement of the breaches complementing a file estimating that around 30,700 people, three of whom were settled in Maine, were affected by a ransomware incident. After carrying out further detailed analysis, the hospital updated the breach data to report that data of 136,981 people were affected by the breach, indeed.
A pharmaceutical company in Spain was also targeted by cyber attackers. According to the news reported by El Pais, a cyber-attack organized against Alliance Healthcare led to significant problems in the pharmaceutical supply chain. Noting that the system was disrupted during the breach, the officials stated that servers and online systems remained dysfunctional until the cyber threat was eliminated, but the IT teams acted fast to resolve the issue.
Another recent piece of news on data breaches that set the agenda in Asia indicated that the personal sensitive data of the patients were leaked. It was reported that personal data and medical histories of 100,000 patients were leaked in a cyber-attack organized against Hong Kong group OT&P Healthcare. According to Robin Green, the CEO of the Group, the cyber-attack occurred in the management and operating system of OT&P Healthcare. Green noted that the Hong Kong ID card and passport numbers of some patients were stored in the system.
An advanced data and access security system must be used to prevent cyber-attacks targeting the healthcare industry, minimize the damage caused by the attack, and optimize the post-attack recovery process. A high-level cybersecurity system intended for end-to-end protection of the access management systems of healthcare organizations will not only improve the overall security of the system but will also ensure optimal control and protection of staff and patient data.
Utilizing an advanced solution that ensures real-time protection is essential in the healthcare industry where human errors pose a great risk in terms of cybersecurity. Failing to take action against breaches in real-time, monitor the system 24/7, or control all the activities on the network might lead to the breach of patient rights and cause serious problems for human health. It is necessary to strictly control the access to sensitive data in the IT technologies infrastructure of healthcare institutions in order to avoid these problems.
It is of high importance to take advantage of a comprehensive Privileged Access Management (PAM) solution to control access and data security. Considering all these, it is essential that the sensitive data stored by various databases of the companies in the healthcare industry must be protected through multiple security measures including the monitoring, control, and reporting of authorized people accessing critical patient data, storing passwords of these authorized people in secure password vaults to prevent their illicit use, and even masking critical patient data against the privileged accounts accessing such critical data. Furthermore, PAM solutions that ensure the compatibility of healthcare organizations with sector-specific regulations like HIPAA can also be used to build a defense mechanism against data leakage and cyber threats.
Kron’s Privileged Access Management solutions fully meet the expectations of healthcare organizations thanks to its capabilities, modular structure, and advanced features, as mentioned in the reports of leading research companies including Gartner, KuppingerCole, Omdia, and Forrester. For instance; its database access manager controls authorized user accounts that access databases storing critical data, takes session logs, and uses data masking to mask critical patient data to allow for the control of privileged accounts and their activities. Thus, the activities of all users in the system including internal and external (third-party) accounts remain under your control. The Multi-Factor Authentication (MFA) solution authenticates the system users through several methods including OTP, geo-location, and time limit, while the password vault solution allows for storing the passwords of privileged accounts in a secure vault with the approval of the administrator.
Contact us to request a demo, and to learn more about our PAM solutions. Our expert team will be glad to inform you in detail about our solutions, and the access and data security requirements of your organization.