Cyber attackers truly have no morality when it comes to the targeting of organizations for financial gain. One of the prime targets for cyber criminals is healthcare organizations. And as unfortunate as it is, there are several different reasons as to why they are prone to cyber attacks. While cyber security should be a major consideration of virtually every organization, it can sometimes be less than ideal in healthcare organizations due to budget constraints, or lack of IT staff. Another factor is healthcare industry staff lacking education in cyber security, which leads to high rates of them falling victim to emails containing malicious software or phishing attempts.
This combination of different factors has led to a major increase in cyber attacks upon healthcare organizations. In fact, according to TrapX labs, there has been a 63% increase of healthcare industry cyber attacks in 2016 alone. Where 2015 saw 57 major breaches documented, 2016 contained 93 major breaches.
Main Targets for Healthcare Cyber Attacks
Of all the occurring healthcare cyber attacks, the majority tend to be for the purpose of purloining patient records. According to the research paper from TrapX, “Banner Health (3.6 million records), Newkirk Products, Inc. (3.4 million records), 21st Century Oncology (2.2 million records), and Valley Anesthesiology Consultants, Inc. (.88 million records) were the largest successful data breaches reported in 2016.” For whatever malicious reason, full patient information databases tend to go for a pretty penny in the criminal market of the deep web.
An interesting aspect of this is that although the number of attacks has increased, the overall amount of records stolen was lower than the previous year. The numbers went from just under 112 million data records breached in 2015, to around 12 million in 2016. Meaning, a fewer number of records are being obtained from each individual breach.
Another primary target is the hijacking of medical devices. The amount of medical devices connected to the internet has increased largely, providing another vector of breach and exploit for attackers. Not only can cyber criminals obtain remote access from these devices, but they also contain backdoors which can be used as a method for introducing malware, ransomware, and phishing attacks. A large barrier to addressing this is the fact that downtime is not a commodity that healthcare organizations can afford, which brings them to simply pay the ransom to release their systems.