The ongoing war against healthcare data hackers

The healthcare sector suffered 388 breaches in 2023, as of August 15, according to the U.S. Department of Health and Human Services data breach portal. This is an increase of 104% over the same period in 2022.  More than 60 million individuals were impacted by healthcare data breaches in the first seven months of the year. There’s no sign of any slackening in the efforts of cybercriminals, as the amount of salable information that hackers can glean from healthcare systems is staggering.

Protected health information (PHI) can be worth up to 40 times more on the dark web than stolen credit card data because — unlike payment numbers or account passwords — it can’t be canceled or changed. Stolen health records can be used in identity theft to receive medical treatments or services, obtain fraudulent prescriptions, and then fraudulently bill the patient and/or their insurance company. And that’s just the view from the healthcare sector — the breadth and depth of information stolen can be used in countless criminal activities. 

The information involved in the 2023 breaches alone included names, Social Security numbers, driver’s license numbers, government-issued ID numbers, addresses, birth dates, medication information, lab test results, prescription data, diagnoses, radiology reports, phone numbers, provider names, treatment plans, diagnoses and health insurance information.

As a result of that potentially profitable haul, HCOs are under constant assault by malicious hackers — and that threat grows daily as more devices are added to their networks, effectively increasing the attack surface for cybercriminals.

The cost of a data breach is rising

A successful cyberattack on a healthcare organization (HCO) resulting in a data breach can have severe consequences, including financial and reputational losses, legal liabilities and regulatory penalties. If they have a choice, patients may choose not to do business with previously attacked HCOs. And while it’s hard to precisely forecast the possible repercussions of reputation loss and possible legal consequences, it’s fairly simple to put hard dollar figures on the cost of a data breach.

According to Fierce Healthcare, “Cybersecurity breaches cost healthcare organizations an average of $10.1 million each during 2022, a 9.4% increase over 2021 that’s well above what other sectors of the economy are forced to spend.”  In fact, according to IBM’s  Cost of a Data Breach Report 2023, that’s more than double the average cost of $4.45 million across all other industries.

For healthcare, some of the most common forms of attack are social engineering (when the attacker impersonates a trusted resource and persuades the target into sharing data or granting access), ransomware (rendering systems and files inaccessible until a ransom is paid), Distributed Denial-of-Service (DDoS) or third-party supply chain attacks. What it all boils down to is that hackers are continually trying every available tactic to profit from sensitive personal healthcare information.

The groups seeking to create data breaches in healthcare are operating worldwide. Health IT Security reports that these groups range from cybercriminals operating solely for profit, to cyberterrorists who “take things further by targeting systems to disrupt or destroy critical services of a specific sector or nation.” That publication also warns that nation-state actors and hacktivists are also targeting HCOs in support of various political or social agendas.   

A broadened attack surface

According to the Cybersecurity & Infrastructure Security Agency (CISA) there are four simple steps any organization can take on their own to help ward off attacks.  The four initial steps that agency advises are using strong passwords, turning on multi-factor authentication, teaching staff to recognize and report phishing attempts, and keeping software updated. This is a good start. However, digital health transformation has grown HCOs’ attack surfaces, and the recent rise in data breaches and cyberattacks underscores HCOs’ need for ever stronger privacy and cybersecurity posture. To develop, enhance and keep that defense constantly updated against the latest threats, HCOs should partner with infrastructure providers who deeply understand healthcare’s cyberthreat landscape.

Further, as they expand into the cloud, HCOs should seek cloud security solutions and procedures that can mitigate the risk of internal and external threats to infrastructure, applications and data in a cloud. Not coincidentally, this move into the cloud significantly broadens the attack surface for cybercriminals.

With an increasing amount of healthcare services being offered remotely or virtually, these cloud security solutions must support on-premises, mobile and remote users by granting secure access to internal and cloud applications, regardless of an authorized user’s location or device. With the proper solution, healthcare workers and patients alike remotely access a controlled selection of internal and cloud applications through multifactor authentication (MFA) or zero trust network access (ZTNA). Some solutions can provide both security options. 

Although most HCOs have extremely capable and diligent IT personnel, many find it very hard to find, hire, train and retain the people to keep those teams fully staffed, and as a result their IT teams are overwhelmed by the enormity of their tasks. This has caused many HCOs seek out managed security service partners to help them meet their cybersecurity objectives. 

How Spectrum Enterprise can help

Managed Security Service,  by Spectrum Enterprise, is an example of a managed service that can augment and expand the reach of an otherwise constrained IT staff. A managed service partnership like this can allow healthcare IT leadership to focus on handling policy and procedural changes, and not be mired in daily oversight. Updated automatically, it can also help IT leaders concentrate the people they have on staff in areas of the organization where they can focus their efforts on improving patient and staff experience.

With the Enterprise Network Edge solution, delivered over the Fortinet platform, HCOs can have a network infrastructure that is continually updated automatically. The solution enables complete visibility of security events and threats, network utilization and more through an easy-to-use portal. HCOs can choose from fully managed or co-managed solutions. Spectrum Enterprise helps to take the burden off stressed and overworked IT teams by offering network experts, national reach and multiple connectivity options.

See how to drive efficient HCO cybersecurity and find out why 8 out of the top 10 health systems in the US rely on Spectrum Enterprise for their technology solutions.