The Healthcare Industry Is Being Hit the Hardest by Cyberattacks
A recent ransomware report revealed the escalation of cybercrimes across all industries, with healthcare being hit the hardest. Following the modernization of medical systems and the convenience of data access comes the risk of internal and external threats to personal data.
With the frequency, nature, and severity of cyberattacks under constant change, it has become a necessity for industries to implement corresponding control systems to mitigate these activities, which, arising out of malicious attacks or simply human error, could result in long-lasting consequences.
In this Pacific Prime article, we are going to explain why the healthcare sector is the major victim in cyber incidents, provide you with a real-life example of how cyberattacks can deter a company’s operation, and recommend you some of the best cybersecurity practices.
A Surge in Global Cyber Incidents
According to the report, the number of ransomware attacks in Q1 2024 was 21% higher than the same period last year, with 1,075 leak site victims reported. Among those, medical practices, including specialists and family clinics, experienced a 38% increase in ransomware attacks, the largest across all sectors.
The steep increase in cyberattacks within the healthcare industry can be explained by:
- The sensitive nature of patient data
- Critical services provided by medical institutions
- Reliance on technology for patient records, billing, and other core operations
The surge in global cyber incidents, especially in healthcare, is indeed alarming, as it underscores the potential for disruption to patient care and the financial burden on healthcare providers. The latter may trigger health insurance premium increases and the extra cost is imposed on the general public.
Healthcare-Related Cyberattacks in Hong Kong
On April 20, 2024, United Hospital confirmed that its computer system faced a cyberattack, with sources claiming that the hospital was blackmailed to pay US $10 million by the hackers but the hospital rejected the payment.
The hackers used the infamous ransomware known as “LockBit” to facilitate the attack. They encrypted a significant number of computer files, including lab reports, and told the hospital not to delete or alter the encrypted files.
Although the intrusion was stopped by activating the emergency response system and finding no leakage of patient data, the attack resulted in “some operational disruptions” of the hospital, threatening the personal information safety of all staff, patients, and related entities.
Best Practice Controls
Prevent is better than cure when it comes to mitigating cybersecurity breaches. Consider these actions and integrate them into your security maintenance routine:
Routine backup of all systems: Regular backups ensure data can be recovered in the event of a ransomware attack or data loss/deletion incident. Backups are critical for the continuity of operations after an event.
Providing training on emerging cybersecurity threats: Educating users about the latest threats and techniques, like phishing, helps improve security awareness. Users can better identify suspicious communications and activity.
Enable strong spam filters: Filtering spam and phishing emails prevents malicious attachments and links from reaching users in the first place. This removes a major infection vector for ransomware and viruses.
Invest in technologies: Newer security technologies like next-gen firewalls, endpoint detection and response tools, and identity and access management solutions strengthen defenses against both known and unknown threats.
Conduct regular tests: Penetration tests and simulations find weaknesses before real attackers. Red team exercises help evaluate security controls and response plans to improve overall posture.
Improve password hygiene: Unique, complex passwords and regular resetting reduce the impact of credential theft. It stops password reuse across multiple accounts, which exacerbates the effects of breaches.
A Lesson for Healthcare Professionals
The rapid evolution of ransomware tactics necessitates that organizations continuously strengthen their defenses. Cybercriminals are finding more innovative ways to infiltrate networks and encrypt critical systems and data, highlighting the need for adaptive and robust defense mechanisms.
One key area is addressing vulnerabilities in internet-facing tools with protections like web application firewalls, as ransomware actors often rely on exploiting known vulnerabilities in remote access ports, VPNs, and APIs to launch their attacks.
Another critical line of defense is ensuring timely patch management across all endpoints, servers, and IoT devices within the environment. Ransomware exploits unpatched systems, so automated, centralized patching solutions and strict change control can help eliminate loopholes for attackers.
There’s more to the issue – human and technical errors leave openings that skilled ransomware operators can exploit through social engineering. This underscores the importance of constant vigilance through staff training and 24/7 monitoring services along with collaboration between organizations.
Through information sharing initiatives, threat intelligence can be disseminated rapidly and recovery playbooks coordinated with the event partners are impacted. This joint defense helps overload attackers spreading across multiple targets and strengthens the overall security posture of the entire ecosystem.
Protect Your Company with Cyber Insurance
The dominance of cyberattacks compels companies to constantly address vulnerabilities, practice rigorous patch management and maintain constant collaboration so that they can stay ahead of ransomware as it continues to rapidly expand.
After all, ransomware attacks and business disruptions are about money loss. And this is why every company should consider securing cyber insurance to protect against any Internet security threats. Cyber insurance provides coverage for:
- Cover breach response costs: This includes expenses related to forensic investigations, customer notification, credit monitoring, PR management, legal advisors, and compliance with breach notification laws.
- Pay for business interruption losses: If a cyber attack disables systems or access to data, coverage can help recoup profits lost during downtime needed for recovery.
- Protect against ransomware payments: Some policies will reimburse organizations that pay ransom demands to decrypt data held hostage in a ransomware attack.
- Provide cyber extortion protection: For threats involving sensitive data theft and demands in exchange for not leaking or selling the information.
- Offer crisis management services: Policies may include help from breach coaches, legal advisors, and PR consultants in the insurance company’s approved vendor list.
- Protect vendors and suppliers: Coverage can extend to third-party companies the policyholder shares data with if they too suffer a breach.
Pacific Prime is experienced in providing businesses of all sizes with innovative insurance solutions. Contact our team of expert advisors to get started with the process of protecting your company from cyberattacks and other business threats!
- Group Medical Insurance in Hong Kong: Startups, SMEs & MNCs - October 17, 2024
- Weekend Away: Your Guide to Macau - July 11, 2024
- Non-Chinese Hong Kong Permanent Residents Can Apply for 5-Year Travel Permit Cards to China - July 2, 2024
Comments
Comments are disabled for this post
We'll notify you
when our team replies!