IN 2020, more major healthcare data breaches were reported than in any other year, according to a recent report by IntSights, a Rapid7 company.
Additionally, 2021 has seen five consecutive months (March through July) in which industry data breaches were reported at two or more per day.
Video games have also become a doorway for cyber attackers to steal data. CONTRIBUTED PHOTO
In August 2021 alone, as many Manila citizens sought to get vaccinated against Covid-19, the city’s vaccination website was attacked by hackers 133 times.
The city’s mayor later told the media that “troll farms” may have been behind the attack on the vaccination registration site, seeking to prevent real users from using it.
Attacks weren’t the only cyber threats facing the Philippines’ healthcare sector during the pandemic as it tried to help citizens through the crisis.
Earlier, in November 2020, a software tool that healthcare workers in the Philippines were using to share data on Covid-19 cases was found to contain multiple flaws that could expose patient data.
Researchers from a University of Toronto lab discovered vulnerabilities in the Covid-Kaya platform’s web and Android applications that allowed unauthorized users to access private data about platform users, according to the cybersecurity news site Threatpost.
These incidents serve as a reminder of the need to manage cybersecurity risks as healthcare providers rapidly digitize to improve patient care and meet the urgent demands of a pandemic.
The Philippines are certainly not the only ones here. In the Italian city of Lazio, cyberattackers successfully disabled the Covid-19 vaccination booking system last year, preventing citizens from getting their vaccination appointments for days.
The hackers probably thought this would trick Italian authorities into paying the ransom to unlock the systems they had disrupted by a cyberattack.
Unsurprisingly, during the pandemic, cyber attackers have sought to exploit the confusion and fear of citizens and government agencies, hoping to profit as victims often become desperate in life-or-death situations.
While cybersecurity is a threat to all organizations, healthcare providers face unique challenges, especially during the pandemic.
For starters, the personal data contained in protected health information is useful for criminal groups wishing to commit identity and insurance fraud.
Once data such as social security numbers or medical records is leaked to underground criminal forums on the Dark Web, it could be reused and exploited over and over again.
While it is true that the healthcare sector is highly regulated in terms of security and data protection, this can sometimes work against organizations in the sector.
For example, cyber attackers can rely on healthcare victims to pay a ransom, as they would otherwise face a hefty fine from government regulators for losing patient data.
This could give them additional leverage over, say, a victim in another sector that is not subject to the same strict regulatory oversight.
Another unique feature of the healthcare industry is medical devices that are permanently connected to a network.
IntSight’s study in the United States found that some healthcare providers failed to update their devices to the latest firmware because they feared it would void approval already received from the Food and Drug Administration.
Although authorities only require that significant changes be sent for approval, some vendors become “over-compliant” and end up not updating the software on their devices.
As a result, these devices could be left in a vulnerable state for years – many of them working for a decade or more – and act as a perpetually open door for cyberattackers.
There is yet another disturbing thing for the health care sector. Despite the value of the highly personalized data that could be stolen here, the price of unauthorized access to a healthcare organization is relatively low among criminals.
The lowest price in a sample of data obtained by IntSights, from monitoring underground criminal networks, was just $240, for access to a Colombian healthcare organization.
This could be due to the perception that it is relatively easy to steal data from a healthcare organization or simply that there is an oversupply of such information.
These findings from IntSight’s global study offer valuable lessons for Southeast Asian healthcare organizations, particularly on how to reduce their risk and improve their security posture.
Here are four important steps:
Establish priorities. Find and fix the most critical vulnerabilities first, then identify the assets most likely to be targeted.
Integrate cyber threat intelligence. Discover threats before they arrive at your doorstep, then adapt your defenses against them.
Build a robust defense against ransomware. Use offline backups and strong encryption; avoid the temptation to pay a gang of ransomware.
Balance usability and cybersecurity. Use multi-factor authentication on a mobile application and limit remote access to the bare minimum, for example to reduce risk.
Increasingly, cybercriminals are looking for more effective ways to pressure their victims for ransoms. Apart from stealing and locking valuable data, they also extort victims by threatening to leak sensitive data.
For healthcare organizations, the key to overcoming these new cybersecurity challenges is to first understand the unique risks facing the industry and try to stay ahead of the game. Constant vigilance must be the norm.
