Why is healthcare a juicy target for cybercrime?

Healthcare organizations are vulnerable to cyberattacks, even more so than most other industries. In fact, advanced persistent threat (APT) groups actively target covered entities, such as healthcare providers, pharmaceutical companies, and medical research organizations. And according to the 2021 Verizon Data Breach Investigation Report, many APTs currently employ ransomware, including some that focus on the COVID-19 pandemic.

Cyberattackers carried out 91% of data breaches for financial gain, and human error continues to plague the healthcare industry. In other words, targeting healthcare is a lucrative and practical option for cybercriminals.

Let’s break down the top 5 reasons why healthcare is a popular victim before exploring the best cybersecurity approach to stopping such attacks before they cause irreparable damage.

1) Wealth of valuable data

One of the main goals of HIPAA (the Health Insurance Portability and Accountability Act of 1996) is to set the policies and procedures for safeguarding protected health information (PHI). PHI is any personally identifiable information that can identify a patient and is disclosed during patient care. This can include addresses, Social Security numbers, financial accounts information, medical records, and even someone's name. These are all types of information that APTs use to commit identity theft or insurance fraud as well as to extort a ransom.

RELATED: International vaccine “cold chain” subject of cyber espionage

According to researchers, hackers target healthcare because of the  high value of PHI on the black market. Not to mention the amount of money an APT could get from a ransom demand.

2) More likely to pay

Targeting healthcare networks can delay access to vital information, potentially affecting care and treatment of patients including cancellation of procedures, rerouting to unaffected facilities, and compromise of [PHI].

A patient even died in Germany after the University Hospital of Düsseldorf turned her ambulance away following a ransomware attack. Such concerns ultimately lead to healthcare providers paying a ransom (against governmental advice) hoping for the swift return of their data and no double extortion.

3) Excessive and more vulnerable attack surfaces

• Unpatched, outdated legacy software and hardware
• Unmonitored medical devices
• Personal devices used at work
• Third-party vendors (i.e., business associates)
• Insufficiently trained remote workers
  
  

4) Untrained, tired employees

The last two attack surfaces are especially pertinent because hackers take advantage of stressed, overworked employees. The healthcare industry is known for having a stretched staff that is regrettably unknowledgeable about cybersecurity. Additionally, team members are not likely to be up-to-date on cyber risks.

RELATED: What you don’t know about cybersecurity can put your business at risk

In fact, the IBM Security Cost of a Data Breach Report 2021 states that compromised employee credentials caused the most data breaches at an average cost of $4.37 million. Add to this the switch to remote working and there has been a definite spike in phishing and brute force attacks. Human error is inevitable, particularly for organizations that rely on their employees to recognize and block attacks rather than create a healthy and secure cyber environment with solid, HIPAA compliant cybersecurity.

5) Lax cybersecurity

Unfortunately, many healthcare organizations are lax with cybersecurity controls. In fact, several covered entities are doing a poor job of protecting themselves and their patients’ PHI. This is especially true for some small and midsize businesses who take an "it-won’t-happen-to-me" approach to cybersecurity. For some healthcare organizations, the idea of overhauling cybersecurity seems more daunting than dealing with a breach. But the cost of a breach ever increasing, it’s time to rethink this.

RELATED: The costs of ransomware attacks

A healthcare organization may view cybersecurity as an expense, but it is nothing compared to what you could lose in the event of a data breach.

It’s essential to follow best cybersecurity practices

• Continuous employee awareness training
• Up-to-date and consistent policies and procedures
• Prevention and recovery strategies
• Strong technical and physical access controls
• Multiple offline backups
• Patched and updated systems and devices
• Increased security around remote working and cloud technologies

And especially, solid inbound/outbound email protection (i.e., HIPAA compliant email).

Utilize strong email security—Paubox Email Suite Premium

Paubox Email Suite Premium stops the most utilized threat vector—email—from being a cyberthreat. With our HITRUST CSF certified solution, all emails are encrypted directly from your existing email platform (such as Microsoft 365 and  Google Workspace). It requires no change in email behavior to send or receive an email. No extra logins, passwords, or portals.

Paubox’s solution also comes with  ExecProtect (built to block  display name spoofing emails) and our new patent-pending Zero Trust Email feature, both of which safeguard an inbox. Paubox Email Suite Premium also includes data loss prevention (DLP), which stops unauthorized employees from transmitting sensitive data outside an organization, along with email archiving.

Don’t hesitate to make cybersecurity a priority. Take proactive action and implement robust protections today to avoid future headaches and potentially millions of dollars in costs.