The 3 Most Common Cyber Threats & How to Protect Your Practice
Posted by Paolo Gabriel Demillo
As the healthcare industry continues to grapple with one of its toughest challenges to date, the COVID-19 pandemic, a different threat also persists: cyberattacks. According to Federal Bureau of Investigation (FBI) data, cyberattack complaints have increased by 400% since March 2020.
Healthcare organizations are naturally appealing and susceptible targets for cyberattacks. Confidential patient information can be worth a fortune for hackers; pair that with outdated systems and poor healthcare cybersecurity practices, and you get a perfect storm for cybercriminals.
In a statement to HealthLeaders Media, Ventiv Technology Senior Director of Healthcare Practice, Heather Annolino, sounds the alarm on how little health systems prioritize cybersecurity.
“Compared to other industries, the health systems have been slower to move forward in creating departments focused on cybersecurity,” says Annolino. “But often, when looking at all the risks they’re trying to prioritize, cyber threats are lower on the list than they should be.”
Spike in Cyberattacks During the Pandemic
Cybercrime has thrived during the pandemic, targeting almost every industry, but especially healthcare. At the height of the pandemic, health systems had to shift their focus and resources to their respective COVID response programs. While hospitals and clinics had their hands full, cybercriminals were also busy zeroing in on them. The rushed and expanded adoption of virtual channels also made healthcare organizations more vulnerable targets.
According to IBM Security’s X-Force Threat Intelligence Index 2021, healthcare was the 7th most targeted industry in 2020, jumping three places from 2019.
As the healthcare industry accelerates the adoption of digital and remote technologies, bolstering your cybersecurity capabilities and know-how is more important now than ever. The first step to creating a viable cybersecurity strategy is to be aware of the kind of threats you are up against. Understanding the most common forms of cybersecurity risks and their implications will help you better protect your patients, your data, and your practice.
1. Ransomware Attack
According to IBM Security, ransomware attacks accounted for 23% of all cyberattacks in 2020, making it the most common form of cyberattack last year. Ransomware is a type of malware that gains unauthorized access to your computer in order to encrypt your files and lock you out of them. Most cybercriminals who use this method demand a ransom in exchange for the decryption key that restores access to your data.
A report by cybersecurity company Sophos shows that more than a third of healthcare organizations were hit by a ransomware attack in 2020. Although ransomware attacks aren’t as prevalent in healthcare as in other sectors, healthcare is the industry least capable of preventing them. Sophos found that attackers succeeded in encrypting data in 65% of healthcare incidents, considerably higher than the 54% global average.
Ransomware threat prevention requires more than just siloed strategies. It must be an organization-wide approach that involves workflows, systems, and your employees. With ransomware attacks, it’s not just money at stake but also your entire organization’s data privacy and integrity.
2. Data Theft
Along with the surge in COVID-19 cases, data breaches also spiked in 2020. A survey by cloud security company Bitglass shows that nearly 600 healthcare-related data breaches were recorded last year, a 55.1% increase compared to 2019. Hacking and IT incidents make up 67.3% of all healthcare breaches, followed by unauthorized disclosures, which account for 21.5% of cases.
On top of compromising data privacy and integrity, a data breach is also costly. Every breached record sets your practice back $499 on average, up from $429 the year before, a 16.3% jump.
One of the most dangerous aspects of a data breach is that it could take weeks, or even months, to discover it. Unlike a ransomware attack, where you immediately know when your practice is under threat, data breaches often fly under the radar. It takes an average of 96 days for healthcare organizations to uncover a data breach and 236 days to recover from it.
With telehealth and virtual visits increasingly becoming a fundamental part of healthcare delivery, data privacy issues will likely become more prevalent. Healthcare organizations that continue to use commercially available and unprotected video messaging platforms are at greater risk of data breaches.
When offering telehealth services, you must stick with platforms that aren’t only convenient but, most importantly, secure. Meditab’s Intelligent Medical Software (IMS) comes with a fully integrated telehealth solution called Televisit.
Since it’s built into the IMS system, Televisit is fully HIPAA-compliant. It uses a secure network and allows you to launch visits either directly from your computer or mobile device through the platform’s mobile EHR, IMSGo. Meanwhile, your patients can join the video call using their computers, phones, or tablets via a dedicated online patient portal or the IMS Patient App.
3. BEC Attacks
As healthcare adopts more cutting-edge technologies, cybercriminals are also becoming more creative and sophisticated. This is evident in the steady rise in Business Email Compromise (BEC) attacks in healthcare over the years. BEC is a type of extortion and phishing scam where cybercriminals pose as a person in authority within an organization to persuade the recipient to transfer money or sensitive information.
Aptly referred to by the FBI as the billion-dollar scam, BEC attacks were responsible for $26 billion in total losses between 2016 and 2019, according to an FBI Internet Crime Complaint Center (IC3) report. While using email to extort money and phish for confidential data isn’t a new tactic, cybercriminals keep finding new ways to make their email content harder to detect.
Although cybercriminals have learned ways to get around regular email security software, there are still some common indicators you can look out for to spot a potential BEC attack:
- Subject lines expressing urgency
It’s common for scammers to pose their requests as something urgent to pressure the recipient to act fast. This is their way of rushing you and leaving you no time to validate the authenticity of the sender and the legitimacy of the request. Often, they encourage you to bypass security and validation requirements or even disregard your workflow.
- Domain spoofing
Spoofing email domains is another tactic scammers commonly use to get recipients to open their emails. Domain spoofing occurs when a scammer uses your company’s domain to appear as if they work for your organization. Attackers usually spoof the email address of a high-ranking person in your organization to win your trust instantly.
Be mindful of any direct requests or instructions from your CEO or other officials. Organizations typically follow protocols and use proper channels when passing down directives. So if the email tells you to take shortcuts, you should take that as a red flag.
- Compromised email accounts
BEC attacks may also come from hacked company email accounts. That’s why we highly encourage using secure email platforms like Google Workspace (formerly G Suite) and adopting best authentication practices.
Attacks involving compromised accounts are much trickier to spot, since the messages come from legitimate accounts. The best way to protect your practice from these scams is to review the email content thoroughly.
- Content keywords
The body of most BEC emails is written to persuade you to make urgent transactions involving money or patient information. Sometimes, attackers even hint at repercussions if you fail to complete the transaction right away.
No matter how much attackers try to mimic professionally written emails, they are always bound to leave subtle hints that seem peculiar or out of place. Whenever in doubt, the best way to protect your practice from a BEC attack is to ask questions.
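The four indicators above can be turned into a simple triage check that a mail administrator runs over incoming messages before a human reviews them. The script below is an added example, not part of the original post or any Meditab product; the organization domain, executive names, keyword lists and both sample messages are constructed placeholders, and it adds one extra check beyond the list (a Reply-To address on a different domain than the sender), which commonly accompanies domain spoofing.

```python
import email
from email import policy
from email.utils import parseaddr

ORG_DOMAIN = "example-clinic.test"   # assumed organization domain (placeholder)
EXECUTIVE_NAMES = {"jane doe"}       # display names an attacker would impersonate
URGENCY_TERMS = ("urgent", "immediately", "asap", "right away", "today")
MONEY_PHI_TERMS = ("wire", "transfer", "gift card", "patient records", "ssn")
BYPASS_TERMS = ("keep this confidential", "do not tell", "skip the", "bypass")

def _domain(addr: str) -> str:
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def bec_indicators(raw_message: str) -> list:
    # Parse one RFC 5322 message and collect the indicator names it triggers.
    msg = email.message_from_string(raw_message, policy=policy.default)
    found = []
    subject = str(msg["subject"] or "").lower()
    if any(t in subject for t in URGENCY_TERMS):
        found.append("urgent_subject")  # pressure to act before validating
    display, addr = parseaddr(str(msg["from"] or ""))
    from_domain = _domain(addr)
    if display.strip().lower() in EXECUTIVE_NAMES and from_domain != ORG_DOMAIN:
        found.append("executive_name_external_domain")  # spoofed or lookalike
    _, reply_addr = parseaddr(str(msg["reply-to"] or ""))
    if reply_addr and _domain(reply_addr) != from_domain:
        found.append("reply_to_domain_mismatch")  # replies routed elsewhere
    body = msg.get_body(preferencelist=("plain",))
    text = (body.get_content() if body else "").lower()
    if any(t in text for t in MONEY_PHI_TERMS):
        found.append("money_or_phi_request")
    if any(t in text for t in BYPASS_TERMS):
        found.append("process_bypass")  # asks you to skip the usual workflow
    return found

def is_suspicious(raw_message: str, min_indicators: int = 2) -> bool:
    # Flag for manual review when several indicators co-occur.
    return len(bec_indicators(raw_message)) >= min_indicators

# Constructed sample messages (not real mail) to exercise the checks.
SUSPICIOUS = """From: Jane Doe <jane.doe@example-c1inic.test>
Reply-To: accounts@freemail.test
Subject: URGENT wire transfer needed today

Process a wire transfer right away and keep this confidential; skip the usual approval."""
BENIGN = """From: Jane Doe <jane.doe@example-clinic.test>
Subject: Agenda for Thursday

Please add the vendor review to Thursday's agenda."""
```

Keyword matching like this produces false positives on its own, so treat a hit as a reason to verify the request through a known channel, not as proof of fraud.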
Beyond investing in secure email platforms and other advanced cybersecurity solutions, thwarting cyberattacks often boils down to vigilance and proactiveness. Educating your staff about the most common cyber threats and indicators should work hand-in-hand with consistent cybersecurity training and compliance with best practices.
Healthcare’s expanded adoption of digital and remote technologies is long overdue. But it took a global health crisis to finally thrust the industry into the digital age. Hopefully, it won’t take a cybersecurity pandemic to push for a collective effort to expand healthcare cyber awareness and improve cybersecurity. Create a ripple; start with your practice.