Healthcare data in recent years has been a very lucrative target for cyberattacks, particularly ransomware, with attackers holding healthcare information, and potentially patient lives, for ransom.
Cybercriminals are increasingly focusing on healthcare organizations, exploiting their weaknesses to gain access to sensitive information, disrupt operations and extort money.
Here are some key reasons healthcare is now a prime target for cyberattacks.
Healthcare organizations hold vast amounts of sensitive information.
The critical nature of healthcare services gives any outage from ransomware or any other cause an extreme sense of urgency as lives could potentially hang in the balance.
Healthcare professionals frequently need to access data remotely, which increases the attack surface for cybercriminals.
There can often be resource and budget constraints in place that impact the ability of the healthcare organization to invest in cybersecurity.
Healthcare patient records typically contain a significant amount of information about individuals.
Healthcare records on the black market are typically worth more than other types of personal data, such as credit card information.
Healthcare data is valuable because it has long-term usefulness, making it different than a credit card where a user can cancel and replace a card.
The data held in healthcare records can be sensitive health information that can be used for blackmail.
Cybersecurity and specifically ransomware attacks are all too common in the healthcare industry.
According to the FBI's Internet Crime Complaint Center, healthcare and public health were the sectors most impacted by ransomware in 2023.
These attacks often led to significant disruptions in healthcare access and patient care, including postponed procedures, and according to at least one report, a patient death as well.
The Cost of a Data Breach Report 2023 from IBM and the Ponemon Institute identified healthcare industry breaches as the most expensive at an average of $10.93 million vs an overall average cost of $4.45 million.
The ransomware attack on Change Healthcare, a division of UnitedHealth Group, disrupted the largest healthcare payment system in the U.S. and affected billing, eligibility checks, prior authorization requests and prescription fulfillment.
Data security should be a high priority with all the valuable data and risks that healthcare facilities and providers have.
While healthcare is under pressure and scrutiny from attackers, healthcare facilities can take steps to help prevent a data breach.
Healthcare organizations should take inventory of all data sets and locations of sensitive information to know where all this data is located.
By implementing these best practices, healthcare organizations can enhance their data security posture, reduce the risk of data breaches and protect sensitive information from unauthorized access, accidental loss, or corruption.
This Cyber News was published on www.techtarget.com. Publication date: Wed, 29 May 2024 17:13:06 +0000