Cybersecurity Health for the Digital Health of our Healthcare system

Technology has transformed the healthcare sector at a phenomenal rate, but in doing so it has also elevated it to become one of the most targeted industries for cyber-attacks.

The healthcare industry now has the dubious honour of having the highest number of notified breaches in Australia and a 650% increase in ransomware attacks year on year.

One of the most recent of these was the breach of an Australian NDIS third-party client management system which resulted in highly sensitive health data being compromised and uploaded to the dark web.

But we aren’t alone — in May 2021, the Health Service Executive (HSE) of Ireland suffered a ransomware cyberattack which caused all the national and local IT systems across core services in more than 40 hospitals to shut down. It severely impacted health and social care services with many appointments cancelled, including all outpatient and radiology services, affecting CT and other scans. It was more than a month until the HSE could decrypt the IT servers and get 70% of computer devices back in use, and a further four months until it managed to get 95% of servers and devices restored.

Cybersecurity in the healthcare sector has gained so much attention that a ransomware attack even featured in Season 4 of New Amsterdam. It may have been fictional, but it was grounded in reality and painted an accurate picture about the potentially life-threatening nature of healthcare-targeted cyber threats. In this instance, viewers saw a complete halt to all departments’ operations, a takeover of the hospital’s critical infrastructure with automated, robo-enabled surgeries and Internet-connected chemo injections being compromised; and patients’ sensitive data being hacked.

One of the self-evident risks for the healthcare systems is ensuring medical data is safely shared. The pandemic has been a catalyst in accelerating the digital integration and deployment of data, particularly with the introduction of Telehealth paired with the existing My Health Record in Australia. Privileged and sensitive patient information is now shared across complex ecosystems with a highly connected internal and external workforce.

Today, hospitals are part of integrated campuses, with multiple locations and research facilities working closely together, while pharmaceutical companies are extensively collaborating with GPs. The stakeholders on the system leverage a rapidly growing number of Internet-connected medical equipment and devices which are rich in medical and pharmaceutical data.

For those managing security, the requirements are two-fold — besides ensuring the security of human identities is maintained to prevent or minimise the impact of cyber security attacks, there are now significant risks posed by the increasing use of devices and machines throughout hospitals to look out for.

In fact, the devices — or operational technology (OT) — are poised to become the highest risk factors for healthcare organisations unless appropriate security controls are in place for these machine identities. With most medical technology now connected to the Internet, from endpoints to MRTs and scanners, the gateways for malicious actors to wreak havoc are considerable both in metropolitan locations and in digital or remote surgery environments where machines can outnumber the doctors operating in the room.

Taking a risk-based approach to cybersecurity and ensuring OT, and thus critical healthcare infrastructure and facilities, aren’t compromised should now be a table-stakes consideration.

It all comes back to ensuring the delivery of reliable healthcare services that practitioners can trust without the risk of disruption to ensure they can deliver essential services to their patients. It’s about supporting human capability with reliable technology.

Ultimately, people are the greatest assets in healthcare. So, when we talk about cyber security in digital health, the focus should be on supporting those great people with safe technology, making them more efficient and better informed with secured data, devices, and infrastructure.