If you ever want to find out what kind of data cybercriminals are targeting, there is a simple rule. follow the money. And some of the most valuable commodity threats players are looking for come from the healthcare sector. As hospitals, physicians and healthcare professionals digitize more of their systems and workflows, and people use more wearable devices to monitor and improve their health, the amount of data disclosed is increasing.
In Australia, the Office of the Australian Information Commissioner (OAIC) publishes a report every six months listing the most common types of data breaches and related sectors. Healthcare providers reported most violations in the last report, and this number has increased every time the report was published. Almost half of these violations were caused by malicious acts or criminal acts, according to OAIC.
There are attacks throughout the Asia-Pacific region that specifically target the health sector. In Singapore, there were several attacks, one of which even revealed the health data of the Prime Minister. The WannaCry malware continues to be a problem and health data is now available over the dark Internet.
Healthcare industry "does not keep up"
The old approach to enterprise IT security-making sure endpoint protection is up to date and there's a firewall-is no longer enough. Cyber incidents that allowed threat actors to bypass security controls were responsible for more than half of the reported security breaches in 2019. The remainder is distributed almost equally between the theft of data storage and paperwork and fraudulent employees.
Taken together, we find that digitization of the healthcare system is faster than the sector's ability to protect the valuable information it creates and stores.
Kaspersky's Managing Director for the Asia-Pacific region, Stephan Neumeier, said recently, "Data is sick, confidential medical records are being infringed, and advanced devices are transforming a human into a bionic man." These ideas have since bridged the gap between fictional stories and ours physical world They are good in our reality As the rapid digitization pervades the healthcare sector, cybercriminals see more opportunities to attack this lucrative and critical industry. "
Stolen medical records are sold openly on the dark internet
If we follow the money in an industry – and cybercrime is one of the most profitable industries in the world – we find that there are marketplaces where skills and information are traded. The senior security researcher of GReAT Korea, Seongsu Park, recently presented himself on a cybersecurity forum and discussed the Australian dark-web seller Ausprdie. This platform deals with medical data.
According to Park, medical records can be considered more valuable than a simple credit card, as a hospital generally needs a patient's personal and financial information before being examined or recorded. These online forums even advertise to access sensitive medical information. And these violations, like the consequences of a nuclear incident, can have long-term effects.
How the industry can protect itself better
With such a well-organized opponent, it is important to be proactive in planning a defense. The hope that a "Wall and Moats" approach is sufficient is not enough. Attackers use tactics such as phishing attacks that send a large number of fraudulent emails that attempt to convince people to reveal credentials or other valuable information. Or they may be more focused and try to get someone with higher data access to share information – a targeted tactic called spear phishing. As we know from OAIC data, even malicious insiders are a big challenge.
Rather than trying to fend off all possible attacks, it's important to actively search for threats that may already be on the network. This means that tools actively search for potential threats that are already in your firewall. For healthcare providers, this means looking for unusual activities. For example, to see when something like a blood test report is sent to an X-ray technician. This may indicate that an email account has been compromised, as this type of data is not normally shared between these two parties.
Criminals are constantly developing new ways to break systems that are often referred to as attack vectors. Trying to keep up with the latest types of attacks is not easy. However, there are threat feeds and other types of information from outside parties that not only keep healthcare providers informed, but also help them identify the risk of a new type of attack so that appropriate countermeasures can be taken.
Rather than waiting to be sacrificed, hospitals, medical practices, and other health care organizations can come to the front to search for threats before they escalate and become cyber incidents.
Protecting health data is not just about ensuring that data is protected as much as possible at rest and during transportation. It's about proactively finding where the risks are and then actively taking action to minimize those potential losses and unauthorized access.
As things stand today, the healthcare sector is lagging behind, as security is catching up with digital transformation efforts. A forward-looking approach that constantly assesses risks and sets risk minimization strategies will allow the sector to progress.
Kaspersky is a global leader in cybersecurity for home and business users. To find out how it helps healthcare providers protect their critical data Click here,
The price written on this page is true as the time it is written. It may change at any moment.