Technology innovations have advanced healthcare in new and astonishing ways. However, evolving technology in medicine presents a ripe target for cybercriminals. The threats have progressed well beyond data breaches and ransomware—both of which are still significant cybersecurity concerns and can cause significant damage to the healthcare industry. Now, healthcare providers need to protect their patients and infrastructure against killware attacks, an emerging cyberthreat that targets Internet of Things (IoT) devices to cause physical harm or death.
The following are several of the latest cybersecurity trends affecting healthcare:
Killware Attacks
Ransomware focuses on stealing data, encrypting it, and charging a ransom (hence the name) for the return of the information. Killware takes this threat to the next level by targeting IoT devices. IoT devices are ubiquitous in hospitals and perform several critical functions, such as operating respirators, IV infusions, and technology that points ambulances to the nearest hospitals. Compromising these devices can cause irreversible harm to patients, up to and including their death. Compromised devices force healthcare providers to pay the ransom to keep their patients safe.
Insider sabotage
Many successful cyberattacks are the result of employee negligence or insufficient training. Sometimes, the problem is systemic to the entire organization. Phishing scams are a common tactic to trick employees into downloading malware and granting cybercriminals access to the system. Employees may intentionally exploit the system for financial gain or out of spite over workplace frustrations.
IT Department Insufficiencies
A robust IT department is a must to protect patient and hospital data. However, many healthcare organizations lack the IT staff required for robust cybersecurity. Some lack the funding to employ enough IT experts, while others don’t fully understand their vulnerabilities. Legacy systems also present cybersecurity challenges, as they often lack the configuration capabilities to withstand modern cyberthreats.
Improving healthcare cybersecurity requires a multipronged approach. Simple steps can prevent accidental breaches, such as training employees to recognize phishing attempts, assigning employees different levels of access to databases specific to their duties, applying software updates as soon as possible, and enabling multifactor authentication. Breaches can still happen regardless of how well an organization protects itself from cyberattacks. Cyberthreats are constantly evolving, and technology can’t always keep pace with them. Contact Windermere Insurance Group to learn how we can help your healthcare organization improve its cybersecurity.