September 24, 2021,
Why Healthcare Keeps Falling Prey to Ransomware and Other Cyber Attacks
Healthcare institutions have been the subject of various cyber-attacks nowadays. Disruptive ransomware attacks have affected many health care facilities globally, exposing the pervasive levels of risk in the healthcare industry. Because they hold valuable financial and personal data, they are a favorable target to cybercriminals. Below are the reasons cybersecurity in healthcare has been subjected to compromise, putting personal data at risk.
Health care facilities lack proper segmentation of the network. This puts the organization at risk because the attacker’s lateral movement is uninhibited and increases its surface of attack. Since medical devices have a connection to the major network nowadays, they are prone to cyber threats. Health care institutions’ laxity towards network segmentation exposes them to various cyber threats. Instead of aggressively using Access Control lists, subnets, and other modern networking devices and protocols, hospital networks use legacy devices and software prone to ransomware attacks.
They use Legacy Devices and unpatched systems
To date, many health care institutions use unpatched or outdated hardware devices and software. These are prone to ransomware attacks and other breaches since they lack modern methods of securing and transmitting the data. The high cost of acquiring equipment like MRI machines may be a factor that contributes to the continued use of legacy systems. Compatibility between software and hardware is crucial. Legacy devices, unsupported versions of operating systems, and other software manage the hospital equipment. To date, most medical imaging equipment runs on discontinued versions of the Windows operating system and is unpatched against known vulnerabilities. It puts cybersecurity in healthcare in jeopardy, allowing ransomware attacks to be prevalent.
Expanded attack surface
With the adoption of new data management and technologies, the attack surface in healthcare has ballooned. It has put cybersecurity in healthcare at risk by exposing it to data theft and ransomware attacks. A single attack on Electronic Health Records by a ransomware attack or theft of data can have far-reaching financial effects on a healthcare facility. It can disrupt the essential operational ability of a hospital. Wireless medical devices and telemedicine increase a healthcare facility’s exposure to direct attacks. With most people working from because of the COVID-19 pandemic, the use of RDPs and remote access VPNs has skyrocketed. It allows the hackers to backdoor into the hospital network by exploiting the vulnerabilities in their software.
The third-party factor
Health care institutions source outside doctors, clinics, diagnostics labs, and software. This diverse third party poses various cybersecurity challenges to a health institution. These third parties have direct access and privileges to the hospital’s network and patient data. Therefore, their compromise can have far-reaching financial implications and privacy issues for the health institution. A ransomware attack can originate from third parties like software providers and insurers services providers into the hospital’s network and computers.
For any country, healthcare is a critical sector. Therefore, public and private actors need to jointly pursue actions to prevent cybercriminals from taking healthcare services hostage. Enough resources need to be dedicated to hospitals for upgrading the equipment from legacy to secure ones that are abreast with current technology. We must improve cybersecurity in healthcare to protect this life-saving industry from ransomware and other cyberattacks.