The healthcare sector has been under tremendous pressure with the increase in the number of those afflicted due to the COVID-19 pandemic and cybercriminals have left no stone unturned to take advantage of this situation.
The numbers speak for themselves
- As of August 13, 2020, the Department of Health and Human Services' HIPAA Breach Reporting Tool has recorded 302 major healthcare breaches impacting nearly 8.7 million individuals.
- Magellan Health, one of the Fortune 500 companies, was struck by a ransomware attack in April 2020. In mid-August, Magellan Health confirmed that about 1.7 million individuals have been affected so far by the April cyberattack.
Healthcare sector allures more
It is often the case that medical facilities have a weaker implementation of security measures as compared to other industries such as banking and financial networks, IT, and e-commerce.
- So far, in August, many healthcare organizations like Illinois healthcare system FHN, Premier Health Partners, MedEvolve, Ashley County Medical Center, Nova Scotia Health, Aberdeen Hospital, Valley Regional Healthcare, and Hampshire Hospitals NHS Foundation Trust have suffered data breaches and unauthorized access incidents.
- In July 2020, National Cardiovascular Partners, Quantum imaging, Heartland Counseling Services Inc., and Hapvida became victims of cyberattacks and data breaches.
Threat actors in the field
The sector has witnessed a wide variety of cyberattacks, including phishing campaigns, ransomware attacks, unauthorized data access, and mishandled health record disposals.
- APT29 group had attempted to steal coronavirus related research and intellectual property from healthcare research organizations, universities, researchers, etc. to steal coronavirus related research secrets between May and July.
- Several other malware and threat actors including FritzFrog, Bazar Backdoor, Hakbit, Evil Corp, etc. were found targeting the healthcare sector (along with some other targeted sectors).
- Ransomware like Netwalker (Center for Fertility and Gynecology, Lorien Health Services), Maze ransomware (Regis Healthcare), etc. also created havoc among healthcare organizations.
- Beaumont Health witnessed a phishing attack, when some email accounts have had unauthorized access between January 3, 2020, and January 29, 2020.
A large number of data breach incidents and impacted victims indicate that the healthcare industry should not be lulled into a false sense of security. They still have a great deal of work to do when it comes to securing their infrastructure, such as locking up remote connections, properly disposing documents, and educating users to prevent the frequently observed phishing attacks as well as delays in detection and breach notifications.