Only a year after an FBI analysis revealed that ransomware attacked the healthcare sector more than any other, Tech Radar reports that cybercriminals are now focusing more on these firms.
According to the article, hackers are apparently able to quickly and successfully sell sensitive patient data, making healthcare providers one of their most notable targets owing to the significance and sensitivity of health data. According to reports, this stolen data might also be ideal for financial fraud from credulous individuals through techniques like forging invoices.
(Photo : NoName_13 from Pixabay)
Hackers are enjoying a new hacking tool dubbed WormGPT which works similarly with OpenAI's ChatGPT.
In 'Healthcare Data Are Remarkably Vulnerable to Hacking: Connected Healthcare Delivery Increases the Risks,' Ross Koppel and Craig Kuziemsky state that the healthcare sector is especially susceptible to these attacks due to the dynamic and ever-changing nature of a patient's medical care, as well as the volume of clinicians, facilities, and transactions needed to connect patient care across multiple settings.
Healthcare data becomes more appealing but also more susceptible as the study specifically states that with the advent of mobile healthcare equipment and linked healthcare delivery systems, the creation of security solutions for each environment or physician is complicated by the many variances in digital health use patterns.
Read Also: Research Claims Medical Professionals Now Ready to Embrace AI
Healthcare Cybersecurity Recommendations
Tech Radar also notes that the healthcare industry could be more vulnerable to cyberattacks as a result of ineffective management and a lack of awareness of the hazards associated with end-of-life (EOL) situations. By providing focused training on risk reduction and compliance, healthcare practitioners can become more aware of the hazards associated with EOLs and perhaps avert such security breaches.
The aforementioned study also recommended measures to mitigate the industry's susceptibility, stating that in a technical standpoint, medical devices ought to be built with the features and controls necessary to permit or forbid the gathering and sharing of data from the user or device to the EHR and other third parties, such as parents and physicians.
Enhancement is also recommended by the study at the administrative or policy level for unclear security guidelines and explanations for network security of various networks that necessitate collaborative network cybersecurity.
Healthcare's Long-Standing Cyber Vulnerability
These recommendations prove to be in line as last November, Tech Radar reports that US healthcare behemoth McLaren said that the most recent hack had compromised the sensitive data of over 2 million patients. Complete names, birth dates, social security numbers, medical records, billing claims, diagnostic information, and prescription and drug details were among the exposed data. Information from Medicare and Medicaid was also compromised.
Aside from the 2022 FBI report, healthcare's susceptibility to cybercriminals proves to be a long standing issue as a different report states that A cybersecurity firm called Critical Insight conducted a study that found that in 2022, a data breach involving health information impacted close to 50 million Americans. Based on information gathered by the U.S., each of the 11 biggest health data breaches in 2022 had an impact on at least one million individuals.
According to a Ponemon Institute poll, over half of healthcare IT professionals stated their firms have been the target of a ransomware attack in the previous two years, a slight increase from 2021's reported cyberattacks.
Reuters also reported way back in 2014 wherein the FBI alerted healthcare providers to the fact that, in comparison to other industries, healthcare providers' cybersecurity measures are inadequate, leaving them open to cyberattacks by hackers looking for personal health insurance information and medical records belonging to Americans.
Related Article: Genetic Testing Firm 23andMe Confirms Hackers Accessed 14,000 Customer Accounts, Including Ancestry Data
