Cyber care for healthcare industries

Issue 2 2021 Healthcare (Industry)

From Hurricane Katrina to earthquakes in Japan, cybercriminals have long used crisis situations to further their own agendas. Regrettably, the COVID-19 pandemic is the latest to be exploited with organisations across healthcare industries, from hospitals to clinics, laboratories and pharmacies finding themselves in the crosshairs.


Lehan van den Heever.

In recent months, there have been numerous cyberattacks on these organisations around the world. Given that this pandemic will likely continue for some time, these threat actors will likely continue to exploit the situation.

Even prior to the pandemic, healthcare industries proved to be attractive targets. Last year, Kaspersky conducted a survey among healthcare sector employees in the US and Canada that revealed nearly a third of all respondents (32%) had never received any cybersecurity training from their workplace. Furthermore, one in ten employees in management positions also admitted that they were unaware of a cybersecurity policy in their organisation.

Lucrative industry

Our research into underground forums has shown that medical records are sometimes even more expensive than credit card information. This can partly be ascribed to how it opens potentially new methods of fraud: armed with someone’s medical details, it is easier to scam the patient or their relatives. Additionally, the number of attacks on medical facility devices in countries that are just starting the digitalisation process in the field of medical services will continue to grow. It is especially hospitals in developing countries that will be targeted.

Today, cybercriminals are usually looking to gather sensitive or scientifically significant information and either hold it for ransom or sell it on the black market. State actors have also launched attacks against healthcare organisations for purposes of intelligence gathering. Nevertheless, regardless of the reason, it is important that these healthcare organisations practice increased vigilance because any type of attack could interfere with them being able to provide critical care for their patients.

Continuity of operations and data protection are extremely critical for healthcare organisations. This is more so the case today with the sector under extreme pressure. For hospitals and medical institutions, it is important to ensure the stability of medical equipment and that data is constantly available for personnel, while also protecting the privacy of their patients’ critical information.

The reality is that hospitals and research labs generate and house assets that have a high value not just for stakeholders, but cybercriminals as well. Disruption to healthcare services may have a devastating impact on patients’ health and the ability for healthcare workers to carry out their roles effectively. Furthermore, a cyberattack, regardless of its nature, will damage credibility if disclosed to the public.

Best practice

There are several cybersecurity best practices available that healthcare organisations must adopt if they are not doing so already.

Schedule basic security awareness education for both medical personnel and administration employees that cover the most essential practices such as passwords and accounts, email security, use of USB devices, PC security, and safe web browsing. Healthcare providers should also review their existing cybersecurity solutions and ensure they are up to date, configured properly, and cover all employees’ devices. Even something as basic as using a firewall can make a massive difference to the environment.

Facilities must ensure all medical devices are properly configured and updated, such as ventilators. If there is a chance that the number of such devices increases rapidly, they should develop a dedicated procedure to quickly install and configure all new devices safely. Some hospitals have had to urgently hire new staff. This means an increase in the number of endpoints that must be protected.

The rapidly evolving market today means that no healthcare organisation can be considered safe from a cyberattack. It is therefore critically important that they embrace a more security-conscious approach to operations.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

The cybersecurity consolidation conundrum
Editor's Choice Cyber Security Healthcare (Industry)
Check Point discusses why less is sometimes more when it comes to securing your organisation from the innumerable cyberattacks happening every day.

Read more...
Cyber risks to healthcare
Healthcare (Industry)
60% of healthcare organisations in South Africa have confirmed that all medical equipment they use runs up-to-date software. Usage of legacy operating systems (OS) expose healthcare organisations to additional vulnerabilities and cyber risks.

Read more...
Home care and assisted living
Salto Systems Africa Healthcare (Industry)
SALTO prevents unauthorised access, while saving residents – who may have mobility issues – from having to open their door since physical keys are replaced with contactless smart fobs, PIN codes or smartphone access.

Read more...
Touchless healthcare
ZKTeco Healthcare (Industry)
With confidential data and potentially dangerous drugs and medical equipment, it can be more of a challenge for the healthcare sector to keep their premises safe than in other industries.

Read more...
Data compliance for healthcare
Healthcare (Industry)
All healthcare facilities including hospitals and clinics are required to manage the complete destruction of all data when IT assets reach end-of-life using compliant data erasure techniques essential to protect company data.

Read more...
Future of healthcare must be built on security
Healthcare (Industry)
IoMT, IoT, wearables to revolutionise health and potentially expose patients to new threats, say Doros Hadjizenonos and Matthew Taljaard.

Read more...
Improving patient care
Axis Communications SA CCTV, Surveillance & Remote Monitoring Healthcare (Industry)
Nemours Children’s Health System has installed Axis network video cameras in every patient room to improve patient care to avoid nuisance alarms.

Read more...
Access control during a health crisis
Axis Communications SA Healthcare (Industry)
Preventing the transmission of coronavirus in healthcare settings is obviously critical. Paul Baratta discusses access control and how it can help healthcare providers today and well into the future.

Read more...
IoT is playing an increasing role in monitoring behaviour
Vox Healthcare (Industry)
With 55% of respondents in a recent survey stating that they cannot afford to save towards retirement and living in a care facility, attention must turn to leveraging cost-effective and user-friendly technological innovations to unlock the potential for telecare.

Read more...
Unlocking the value of healthcare data
Healthcare (Industry)
Data in the healthcare sector is heavily regulated, with numerous laws and regulations governing how data needs to be processed, protected and retained; this has become more important than ever in light of the COVID-19 crisis.

Read more...