Why has healthcare become a target for cybercriminals?

Why has healthcare become a target for cybercriminals?

Intelligent CIO spoke to Kamal Brar, Vice President and General Manager, Asia Pacific and Japan at Rubrik, to find out more about cybersecurity threats to the healthcare sector.

Healthcare is tasked with the massive responsibility of looking after patients, and the responsibility grew all the bigger with the pandemic.

However, healthcare’s massive responsibility made the sector one of the top five most frequently attacked industries in ASEAN according to Interpol’s 2021 ASEAN Cyberthreat Assessment, putting them in the face of a cyber pandemic.

It does not seem to matter how thick the firewalls are, the bad guys are still getting through. When ransomware strikes, organizations either pay the ransom or attempt to recover, but the inevitability in both options is that sleep is lost and so is peace of mind. 

Hackers know that if they can exploit an organization’s backups, hospitals will have no choice but to pay the ransom. What makes matters worse is that we know that paying the ransom is not a guarantee.

Kamal Brar, VP and General Manager at Asia Pacific and Japan, Rubrik

Intelligent CIO spoke to Kamal Brar, Vice President and General Manager, Asia Pacific and Japan at Rubrik, to find out more.

How has the pandemic led to the healthcare industry becoming a target for cybercriminals?

When the pandemic happened, the healthcare industry became the main focus of cyberthreat, with cybercriminals targeting system vulnerabilities in hospitals, healthcare centers, vaccine manufacturers and laboratories for which they demanded a ransom.

The rapid increase in cybercriminals targeting healthcare boils down to the fact that these institutions are the backbone of the pandemic situation, and are thus more likely to pay the ransom because they are overwhelmed with patient care and cannot afford to be locked out of their systems even for just a few seconds.

The nature of what we’ve been dealing with exaggerated the nature of the attacks as the services provided by healthcare institutions are crucial. Fundamentally, we’re dealing with contact tracing, telemedicine, which brings a lot of value to people, especially as they live with the virus.

However, while these practices are paramount today, they are among the main reasons cyberattackers target the healthcare industry, compromising massive amounts of patient data.

Witnessing the vulnerability of the industry today, we’re dealing with a new environment and a different approach to providing healthcare. This means modernizing work through connected devices, multiple applications and network segments.

However, modernizing at such a scale can be a challenge, which leaves healthcare vulnerable for bad actors.

If a healthcare service provider is unable to treat patients, there’s a massive impact on the quality of patient care due to cyberattacks. When hospital service providers are unable to access their systems or provide healthcare, they find themselves in a position where paying is the only option.

Why does data management play a crucial role?

Data management no longer addresses data issues only as we are seeing a convergence of data and security, making it a matter of cyber resiliency.

At the core, everyone wants to protect their data, but fundamentally, the complexities around security and data are coming together.

Protecting your data is more than just protecting an endpoint or network. Now, there is a flow on effect to multiple systems, and they’re all interconnected, which can cripple an entire platform.

Furthermore, there is a significant increase in cyber-risks, as ransomware attacks alone jumped by 715% in 2021 globally.

In spite of massive investments in perimeter, endpoint and application-layer security defenses, cyberattacks are becoming more sophisticated alongside the exponential rise of data, and attackers remain successful in gaining access to data.

Having a robust data security solution in place creates immutability, where data can’t be encrypted.

With digitalization, we also see that there is a great amount of data that is fragmented across different systems, having different ways to secure them. As medical data is quite sensitive, we see that the value of data is at its highest today.

As innovation catches up to today’s healthcare needs, there comes the problem of not only sharing data efficiently, but also ensuring that data is protected in all circumstances.

How can healthcare organizations put forward a ‘Zero Trust’ philosophy to protect their data from being compromised?

Building a zero-trust foundational framework is built on three core principles; trust no one (no individual or application), validate everyone/everything and always verify. We once lived in a world where accessing data means we can continue to go on and about with our business.

In the new world of Zero Trust, however, we’re moving to a model where we always continuously verify and authenticate. The other two pieces linked to that are the assumption that at some point in time, our data will be compromised.

With very clear zero-trust principles, devices have multi-factor authentication, for instance, which reinforces security within organizations’ systems. In that ecosystem with Zero Trust, there’s less likelihood of a breach occurring.

How can healthcare practitioners practise cyber-hygiene when focusing on their patients?

Cybercriminals exploit their victims’ cyber habits through executing malicious threats under the facade of daily activities in the likes of private messages, social media posts and e-mails. Education on the risk of cyber habits may not suffice as there remains a need to train healthcare practitioners’ ability to detect fraud.

As such, healthcare institutions need to have a clear understanding of online security protocols, safe browsing practices, secure password creation and storage, alongside the necessary tools and software that detect suspicious activities. With all these in hand, healthcare organizations will be better prepared to deal and fend off any kind of cyberattacks.

Tips for the healthcare sector to protect their patients’ data

Modern technology is key. When legacy systems are used, often security is built on top, but not integrated at the core and considered from day one. A proactive inside-out data security approach that assumes an attack is inevitable builds a focus on protecting mission-critical data and systems.

In addition to modern technology and data security platforms, there will be elements that cannot be underestimated, such as people and processes. Providing training and education on the potential risks as we move to network-based access or remote access is of utmost importance.

Often some of the most dangerous risks an organization is up against are internal and many times unintentional.

With the right technology and training in place, processes enable clarity on how to respond if and when a breach occurs. We need to ask the right questions: What is the remediation plan? How do we recover if we experience a cyberattack?

Those three elements go hand in hand – technology, the people and, of course, the process.

Browse our latest issue

Intelligent CISO

View Magazine Archive