In a nutshell: It’s a sad fact that healthcare facilities remain a prime target for cyberattacks. Between January and September last year, the sector was hit by more attacks than any other, potentially putting the lives of patients at risk.
According to technology research provider Omdia (via the Financial Times), the healthcare sector suffered 241 cyberattacks during the first nine months of 2023. That’s over 100 more than the government (147) and almost three times more than software, hardware, and IT services (91). The data comes from publicly disclosed cybersecurity breaches, so some figures could be even higher.
Hacking was the most common type of cyber breach on the healthcare sector, followed by chain attacks, phishing, and ransomware. That last one is a particularly insidious form of malware as it can shut down vital services. A survey in 2021 showed that almost three-quarters of healthcare facilities said patients had longer stays as a result of ransomware attacks on the facilities. The incidents also caused delays and errors in test results, patients needing to be transferred elsewhere, increased complications from medical procedures, and higher mortality rates.
Last August, the FBI investigated an incident that impacted the systems of a California-based healthcare provider Prospect Medical Holdings, leading to emergency rooms across several states being shut down and ambulances being diverted to other hospitals.
There was an increase in the number of attempted ransomware attacks on hospitals and healthcare providers in 2020, with criminals believing the pressure these facilities were under from the pandemic would give them more incentive to pay a ransom. The incidents led to the FBI issuing a warning that more attacks would follow. A few years earlier, WannaCry had caused massive disruption to the UK’s national health service.
The FT reports that as healthcare facilities improve their defenses against traditional ransomware attacks, such as being able to restore vital data from backups, criminals have started stealing sensitive medical information rather than encrypting it. The thieves then threaten to publish these records on the dark web unless a patient or healthcare provider pays a ransom.
More medical products such as heart monitors, life support machines, and infusion pumps are becoming internet-connected, increasing from 503 million devices in 2021 to 760 million by 2026. While these aren’t usually targeted by hackers, vulnerabilities in devices with online connectivity are almost expected these days.