The healthcare sector has become a prime target for cyberattacks, with the frequency and sophistication of these attacks increasing rapidly over the last several months. More than 124 million records were compromised in healthcare hacks last year. This escalation poses significant risks, including the potential for compromised patient data, severe financial losses for healthcare organizations, and – most concerning – disrupted healthcare services. Earlier this year, the Change Healthcare cyberattack, which cost UnitedHealth $872 million, may have encouraged bad actors to target the healthcare industry further, seeking financial gain. The cybersecurity industry is evolving in response to these types of attacks, and healthcare organizations – and the tech industry at large – are adopting new strategies and technologies to protect themselves.
Why the healthcare sector?
The number of reported cyberattacks directed at American hospital systems nearly doubled from 2022 to 2023. The healthcare sector is particularly vulnerable to cyberattacks for several reasons. Generating about 30% of the world’s data volume, healthcare organizations hold vast amounts of valuable data, including personal health information (PHI), medical records, and financial information. This data is in high demand on the black market because it can be used for identity theft, insurance fraud, and other malicious activities. Recent data showed that medical records sell for 20 times more than credit card information.
Additionally, the critical nature of healthcare services makes hospitals and clinics prime targets for ransomware attacks since cybercriminals know that disrupting healthcare operations can have life-threatening consequences. This increases the likelihood that the targeted organization will pay the ransom to restore services quickly. Given the sensitivity and importance of healthcare data, healthcare organizations are more likely to pay ransom or extortion demands to regain control over their systems and data quickly. A survey found 61% of healthcare IT professionals acknowledged that their organizations have paid a ransom, when the average for all industries is 46%. When it comes down to it, law enforcement and cybersecurity experts actually advise against paying ransoms, as this can encourage further criminal activity. Additionally, there’s no assurance that ransomware groups will restore access to systems after receiving the ransom, or that they won’t demand additional payments.
The public trusts healthcare organizations to protect their personal and medical information; a successful cyberattack can severely damage this trust and the organization’s reputation, leading to long-term financial and operational consequences. Attackers exploit this vulnerability, knowing that healthcare providers are under pressure to maintain their reputations and provide consistent, quality care. Healthcare organizations must also comply with stringent regulations like the Health Insurance Portability and Accountability Act (HIPAA) in the United States, which mandates the protection of patient data. Non-compliance can result in hefty fines and legal consequences, making healthcare providers even more vulnerable to extortion.
On the logistical front, 73% of healthcare provider organizations operate on legacy systems, and this outdated technology can cause them to be more vulnerable to cyberattacks. These older systems often lack modern security features and can be challenging to update or replace due to cost and complexity – making them a prime target for malicious actors.
What can the healthcare industry do?
Healthcare companies should prioritize robust defenses and investments in technology to prevent cyberattacks from occurring in the first place. Although cyber criminals are evolving quickly, cybersecurity technology, like artificial intelligence (AI) and zero trust architecture, is also developing rapidly to help sectors such as healthcare stay protected. Through these advanced technologies, enhanced encryption, and cloud security solutions, healthcare organizations have increasing opportunities to protect against evolving threats. However, these efforts alone are insufficient to change the trajectory of cybercrime. Protecting the healthcare industry should be a widespread effort involving a law enforcement and legislation.
The tech sector has also mobilized to address these threats. Recently, Microsoft and Google announced they will offer free or discounted cybersecurity services to rural hospitals across the United States, to make them less susceptible to cyberattacks that would disrupt patient care and threaten lives. We’re likely to see similar responses from the industry as this problem becomes more and more costly financially and for individuals’ well-being.
As cyber threats continue to grow in complexity, the partnership between healthcare providers and cybersecurity professionals will be crucial in safeguarding patient data and ensuring the uninterrupted delivery of healthcare services.
About the Author
Ariel Novak is the Vice President, Cybersecurity at PAN, a global, integrated, data-driven marketing and PR firm for B2B tech and healthcare brands. At PAN, Ariel has worked with B2B technology brands, with a passion for cybersecurity, including Booz Allen Hamilton, HPE, Citrix, Thales and Vercara.
Ariel began her career as a reporter, receiving an award from the New England Press Association. Her passion for compelling storytelling is evident in her award-winning campaigns helping clients build strong narratives. Ariel is based in Maine and graduated from Bates College.