Healthcare Technology Featured Article

January 05, 2017

Healthcare Industry May See More Cyberattacks Due to the IoT

Many businesses and organizations have begun to invest more in the Internet of Things (IoT)—the network connectivity among everyday objects allowing them to receive and send data. More and more devices are able to connect to each other— phones, tablets, thermostats, cars, locks, sprinklers—making it easier than ever to manage your household, health insurance, bank accounts, music, and so much more. The IoT will eventually lead to a lot of benefits for many businesses, but with this connectivity also comes the chance of an increase in cyberattacks.

Most healthcare and other business executives have recently found that the IoT has begun to expand the kinds of cyberattacks they normally suffer. Because of this, it’s not enough to just know that you are vulnerable. Scott Borg, chief economist at U.S. Cyber Consequences Unit, stated that executives “need to be thinking about what [their] systems are used for because the first step in the economics of cybersecurity is paying attention to what your hospital or clinic is actually doing.” Looking at what your systems are used for will show healthcare executives just where they are most vulnerable and also what systems don’t deserve the attention as a hacker wouldn’t likely go after it. Borg also explained that “thinking about where value is created within a healthcare organization can help cybersecurity executives start customizing security to fit their organizations.”

In 2015, hackers attacked the healthcare industry more than any other industry. In fact, IBM called it “the year of the healthcare breach” in their 2016 Cyber Security Intelligence Index. Knowing that your organization is vulnerable and most likely the first to get hit is only step one though. In 2015, a hacker successfully hacked a health insurer and immediately listed its 9.3 million record databases for sale on a Darknet marketplace. In June 2016, the Department of Health and Human Services’ Office for Civil Rights reported that 95,251 healthcare records were exposed or stolen. Patient records carry profitable information for hackers and, because of this, hacking on healthcare organizations isn’t going to end for some time, if ever.

Unforeseen hacks can send organizations into the not-so-dark ages. The Hollywood Presbyterian Medical Center in California was hit with ransomware and had to shut down all of their computers and were stuck depending on fax machines and paper records for a week. Most often, cybercriminals are interested in healthcare data and records for the ransom value or for selling it on the black market.

The biggest reason why healthcare data is so highly sought after is the wealth of information it contains. Much of which can be used for medical identify theft and fraud. Health records can contain email addresses, social security numbers, credit card information, medical history records, doctor files including ACLS recertification and even employment information. With some of the biggest fish necessary to commit fraud, cyberthieves are using this data to launch attacks and steal medical identities.

Unlike other businesses or industries that may hold your credit card information and nothing else, with so many prized carrots all bundled into one big system, healthcare organizations are going to remain a hot target for some time, especially since the industry is still far behind the times with cybersecurity.

The year 2015 alone should have shocked executives into investing more into cybersecurity, but 2016 also saw some of the worst hits on healthcare systems. A survey conducted by Sophos showed that only 31 percent of healthcare organizations reported extensive use of encryption. Twenty percent reported not using any encryption at all.

Pulling an organization out of the not-so-dark ages isn’t brain surgery though; healthcare executives have a newfound wealth of information to help them defend and get ahead of hackers long before they’re hit. With cybersecurity initiatives and even cyberinsurance a growing industry, most companies and organizations have just about everything they need to protect themselves from potential--and most likely inevitable--attacks.

Edited by Alicia Young
By Special Guest
Rick Delgado, Content Writer ,

FREE eNewsletter

Click here to receive your targeted Healthcare Technology Community eNewsletter.
[Subscribe Now]