August 23, 2023by Delilah Schwartz

Cybersecurity Challenges and the Unique Vulnerabilities Faced by the Healthcare Industry

According to the HIPAA Journal, when it comes to cybersecurity, the healthcare industry fares poorly compared to other sectors. In fact, healthcare accounted for 32% of data breaches between 2015 and 2022 – nearly double the number recorded in the financial and manufacturing industries.

While cyber attacks are increasing in frequency and sophistication across the board, for the healthcare sector, these threats are compounded in intensity. Healthcare data is highly valuable, making it an attractive target for malicious cybercriminals. But the potential consequences of cyber attacks against Healthcare institutions extend far beyond data compromise, financial losses or reputational damage - in this sector, human lives are at stake.  Moreover, plagued with overworked healthcare employees, legacy technology, and poorly protected networks, healthcare organizations are a relatively easy target for attack. With these factors in mind, and the fact that ill-gotten patient records fetch between $10 to $1000 apiece in illicit underground marketplaces,  it's no surprise that attacks targeting healthcare organizations remain on the rise.

The gravity of the cyber threat facing the healthcare industry has been made blatantly clear through several headline-grabbing incidents over the past few years. In 2017, the WannaCry ransomware attack affected hundreds of thousands of hospital computers across 150 countries. This attack caused significant disruption, resulting in countless patients being deprived of urgently needed medical care. In May 2023, a ransomware attack targeting Richmond University Medical Center (RUMC) in New York rendered life-saving technologies unusable, causing massive disruptions that necessitated manual data entry and nurses assigned to individually monitor patients. Recently, in June 2023, St. Margaret’s Health in Illinois closed its doors, becoming the first healthcare facility to  cite a cyberattack as a reason for its downfall. St. Margaret’s had fallen victim to ransomware attack in 2021 that crippled the hospital’s computer network and caused significant disruptions to it's operations - particularly in the ability to submit insurance claims and receive timely payments for services rendered. 

Industries across the globe face an ever-evolving landscape of cyber threats, but those in healthcare face a unique set of vulnerabilities and challenges as they balance cybersecurity, digital transformation, and sustaining critical patient care. Key vulnerabilities and challenges include:

  • Cybersecurity Workforce Shortage: The cybersecurity industry as a whole is suffering from a staff shortage of approximately 3.4 million professionals. Those hiring in the healthcare industry are particularly hard hit in this area. It’s been difficult for them to recruit, train, and retain skilled cybersecurity employees, particularly in regional and public hospitals that may have insufficient budgets.

  • Large Attack Surface: Healthcare is one of the most difficult industries to protect from cyber attacks. From medical devices, medical systems, shadow IT devices from patients and their families connecting to the hospital network, and legacy systems, healthcare providers have an incredibly large - and highly complex - attack surface. 

  • Software and Hardware Vulnerabilities: Healthcare organizations encounter a distinctive challenge with Software and Hardware Vulnerabilities, primarily due to stringent regulations governing the patching of medical devices and software. Balancing the need for security updates with compliance requirements becomes complex, especially when dealing with non-patchable legacy systems that continue to be integral to critical healthcare processes.

  • Lack of Network Segmentation: Hospital networks have thousands of connected medical devices – Operational Technology (OT) for critical care, Internet of Things (IoT) for mobile devices and tablets, Information Technology (IT) for personal computers and servers, and Internet of Medical (IoMT) devices like heart monitors, MRI, and more. Without effective segmentation to separate between the public hospital wifi and life-supporting devices, a breach in the less secure public network could potentially provide a gateway for cybercriminals to infiltrate and compromise critical medical equipment and patient care systems. This lack of network isolation puts patient safety in jeopardy, as it could lead to disruptions in life-saving treatments and interventions.

  • Manual Response: Healthcare institutions face a unique challenge in incident response due to the critical nature of patient care. Unlike other sectors, they cannot easily shut down networks or components to mitigate cyber threats, as patient safety remains paramount and any disruption could potentially endanger lives. This necessity to maintain uninterrupted medical services necessitates a more intricate - often manual - and patient-centered approach to incident containment and resolution.

Want to learn about the proactive measures you can take to protect your organization from malicious actors? Listen to our podcast series Defense Against the Dark Web, where Cybersixgill’s Delilah Schwartz and Offir Levy, Vice President of Healthcare Sales EMEA for Medigate by Claroty, share their insights into the challenges that healthcare organizations face and solutions to safeguard their digital assets, devices, and patient data. 

You may also like

A close-up, detailed, and vibrant image of a microscopic cell with numerous tentacle-like extensions, depicted in shades of pink and purple against a blurred blue background.

May 15, 2024

Black Basta's Devastating Attack on a US Hospital System: Lessons Learned and Protective Measures

Read more
Screen showing a malware alert

May 09, 2024

New 'Latrodectus' Malware Linked to Notorious 'IcedID' Developer: A Deep Dive into Targets, Potential Impact, and Remediation Steps

Read more
Chris Strand-Thumbnail

May 07, 2024

Enhancing Security Posture with Cyber Risk Intelligence Part 2

Read more