Cyber care for healthcare industries

Issue 2 2021 Healthcare (Industry)

From Hurricane Katrina to earthquakes in Japan, cybercriminals have long used crisis situations to further their own agendas. Regrettably, the COVID-19 pandemic is the latest to be exploited with organisations across healthcare industries, from hospitals to clinics, laboratories and pharmacies finding themselves in the crosshairs.

Lehan van den Heever.

In recent months, there have been numerous cyberattacks on these organisations around the world. Given that this pandemic will likely continue for some time, these threat actors will likely continue to exploit the situation.

Even prior to the pandemic, healthcare industries proved to be attractive targets. Last year, Kaspersky conducted a survey among healthcare sector employees in the US and Canada that revealed nearly a third of all respondents (32%) had never received any cybersecurity training from their workplace. Furthermore, one in ten employees in management positions also admitted that they were unaware of a cybersecurity policy in their organisation.

Lucrative industry

Our research into underground forums has shown that medical records are sometimes even more expensive than credit card information. This can partly be ascribed to how it opens potentially new methods of fraud: armed with someone’s medical details, it is easier to scam the patient or their relatives. Additionally, the number of attacks on medical facility devices in countries that are just starting the digitalisation process in the field of medical services will continue to grow. It is especially hospitals in developing countries that will be targeted.

Today, cybercriminals are usually looking to gather sensitive or scientifically significant information and either hold it for ransom or sell it on the black market. State actors have also launched attacks against healthcare organisations for purposes of intelligence gathering. Nevertheless, regardless of the reason, it is important that these healthcare organisations practice increased vigilance because any type of attack could interfere with them being able to provide critical care for their patients.

Continuity of operations and data protection are extremely critical for healthcare organisations. This is more so the case today with the sector under extreme pressure. For hospitals and medical institutions, it is important to ensure the stability of medical equipment and that data is constantly available for personnel, while also protecting the privacy of their patients’ critical information.

The reality is that hospitals and research labs generate and house assets that have a high value not just for stakeholders, but cybercriminals as well. Disruption to healthcare services may have a devastating impact on patients’ health and the ability for healthcare workers to carry out their roles effectively. Furthermore, a cyberattack, regardless of its nature, will damage credibility if disclosed to the public.

Best practice

There are several cybersecurity best practices available that healthcare organisations must adopt if they are not doing so already.

Schedule basic security awareness education for both medical personnel and administration employees that cover the most essential practices such as passwords and accounts, email security, use of USB devices, PC security, and safe web browsing. Healthcare providers should also review their existing cybersecurity solutions and ensure they are up to date, configured properly, and cover all employees’ devices. Even something as basic as using a firewall can make a massive difference to the environment.

Facilities must ensure all medical devices are properly configured and updated, such as ventilators. If there is a chance that the number of such devices increases rapidly, they should develop a dedicated procedure to quickly install and configure all new devices safely. Some hospitals have had to urgently hire new staff. This means an increase in the number of endpoints that must be protected.

The rapidly evolving market today means that no healthcare organisation can be considered safe from a cyberattack. It is therefore critically important that they embrace a more security-conscious approach to operations.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Improving patient care
Issue 2 2021, Axis Communications SA , CCTV, Surveillance & Remote Monitoring, Healthcare (Industry)
Nemours Children’s Health System has installed Axis network video cameras in every patient room to improve patient care to avoid nuisance alarms.

Access control during a health crisis
Issue 2 2021, Axis Communications SA , Healthcare (Industry)
Preventing the transmission of coronavirus in healthcare settings is obviously critical. Paul Baratta discusses access control and how it can help healthcare providers today and well into the future.

IoT is playing an increasing role in monitoring behaviour
Issue 2 2021, Vox , Healthcare (Industry)
With 55% of respondents in a recent survey stating that they cannot afford to save towards retirement and living in a care facility, attention must turn to leveraging cost-effective and user-friendly technological innovations to unlock the potential for telecare.

Unlocking the value of healthcare data
Issue 1 2021 , Healthcare (Industry)
Data in the healthcare sector is heavily regulated, with numerous laws and regulations governing how data needs to be processed, protected and retained; this has become more important than ever in light of the COVID-19 crisis.

Keeping COVID in check
Issue 8 2020, Suprema , Access Control & Identity Management, Healthcare (Industry)
Suprema thermal camera solution helps prevent the spread of COVID-19 in South Korea in a focused healthcare approach from government.

Technologies for paediatric care
Issue 7 2020, Duxbury Networking , Healthcare (Industry)
Virtual contact via electronic devices may decrease the sense of isolation and alienation between parents and babies deprived of physical contact.

The time for resilience is now
Issue 7 2020, Galix Group , Healthcare (Industry)
With healthcare receiving more funding and grants due to COVID-19, it’s become a (perceived) easy target for cyber criminals.

Technologies to improve patient care in the healthcare industry
Issue 7 2020, Duxbury Networking , Healthcare (Industry)
In addition to addressing security issues, the hotel industry already uses cameras to improve the quality of customer service. Likewise, healthcare facilities are also gradually adopting this concept.

Technology driving the healthcare industry
Issue 6 2020, Duxbury Networking , CCTV, Surveillance & Remote Monitoring, Healthcare (Industry)
Seeing cameras as sensors opens up new possibilities, and each one of them responds to typical demands inside a hospital, clinic or nursing home.

Advancing healthcare facility security
Issue 2 2021, Suprema , Healthcare (Industry)
Hospitals and healthcare facilities present a unique set of security challenges in that they operate 24/7, are open to the public and need to strictly secure the safety of patients, medical information and various restricted areas.