Why healthcare facilities are targeted for cyber attacks

Following the WannaCry cyber attack, it has become clear just how vulnerable healthcare facilities computer systems are. The UK NHS (National Health Service) was crippled by the recent global ransomware attack.

Healthcare facilities are targeted due to the high value of their assets and the ease in which they can be compromised. According to KPMG (2015), “the healthcare industry is behind other industries in protecting its infrastructure” and its data. This means cyber attackers can easily hack into their systems at no cost and reap huge rewards from a ransom threat.

Healthcare facilities have valuable assets

Healthcare facilities assets are regarded as highly valuable to cybercriminals, including:

• Patient’s health — This can be affected in many ways by perpetrators. For instance, cyber attackers can tamper with the medical device software and possibly temporarily injure the patient, eg, cutting off the power supply in operating rooms is a way in which a patient’s health could be fatally compromised.
• Patient’s health record — This contains not only valuable protected health information (PHI), eg, any kind of patient health information that can be used to identify a patient, but also the patient’s health record contains personally identifiable information (PII) such as social security number, healthcare provider information, credit card number, name, address, date of birth, etc, which can be sold by hackers on the black market to other criminals who use this information to steal people’s identities.
• Healthcare services received by patients — Such as medical devices, equipment as well as the administrative healthcare services such as patient reports, prescriptions, appointments, etc.
• Intellectual property — Generated by healthcare facilities with research labs and which may be of interest to third parties such as researchers or pharmaceutical companies of competitor companies. If this data is taken during clinical trials, stolen data could result in harm to patients.
• Reputation of the facility and its physicians — Also an asset. Now that data breach reporting in Australia will be mandatory from February next year, a cyber attack on a healthcare organisation could really harm the institution’s credibility as soon as the breach is made known to the public.

Digitalisation poses new security challenges

Currently the most popular type of cyber attack on healthcare facilities is ransomware, where data is cut off in exchange for a ransom. Perpetrators know the healthcare providers cannot be without this data for a long time as patients’ health could be at serious risk — resulting in possible death — and could prompt lawsuits against the healthcare provider. As a result, health facilities usually pay the ransom.

Although the health sector goes to great lengths to ensure a patient’s health is protected, the medical community unfortunately often does not see cybersecurity and cyber insurance as having a major role to play in this protection.

Cyber insurance can protect against skilled hackers

Cyber insurance is necessary in conjunction with cybersecurity as many healthcare facilities still rely on legacy systems and devices that have reached their end of life or are no longer supported because of the cost to upgrade them and, as we saw in the WannaCry attack, patches no longer protect them. Even the very best cybersecurity measures could still be compromised by increasingly adept cyber hackers.

*Coverforce Leed Insurance Brokers provides cyber risk consulting and insurance solutions.

Image credit: ©stock.adobe.com/au/Sergey Nivens