April 7th is World Health Day, and it also marks the founding of the UN’s World Health Organization (WHO) in 1948. The goal of the WHO and World Health Day is to draw attention to issues of health and well-being worldwide. To accomplish this, enduring medical initiatives aimed at expanding care options and finding efficiencies in healthcare will require even closer healthcare-cyber interconnectivity. Existing trends such as reliance on telehealth, user-driven medical, fitness, and nutritional data, and fully digital patient records will make health care data more accessible and faster than ever before. The tradeoff for these advancements is increased cyberattack surface.
Access to confidential, resilient health care services is paramount, and cybersecurity will be critical to meeting the demand for protection against threats while maintaining near-complete data availability. Unfortunately, the data suggest that healthcare-related organizations are prime targets for would-be cyber attackers, and the costs of successful attacks are rising. A study by The European Union Agency for Cybersecurity (ENISA) looked at cyber threats from April 2020 through July 2021 which found that ‘medical and healthcare’ was the fourth most targeted industry among the twenty surveyed (the only groups more frequently targeted were public/government, digital service providers, and the general public). And according to IBM’s Cost of a Data Breach Report for 2021, the Healthcare industry for the past 11 years has had the dubious distinction of suffering the highest data breach costs; the cost of the average data breach for a healthcare organization grew 29% from $7.13M in 2020 to $9.23M in 2021. Though not exhaustive, the infographic below gives an idea of how widespread – both geographically and organizationally – healthcare-related cyber threats have been over the past year or so.
Ensuring the digital security of the networks, data, staff, and patients that make up healthcare networks will be more critical than ever in the coming years. Cyber resilience, (the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources) , will increasingly be a factor that determines whether or not patients receive timely care, and in confidential health, data will be protected. This World Health Day, it is clearer than ever that protecting medical networks and the data in them is a necessary part of ensuring quality health care.
- Belgium, December 2020: The largest private laboratory processing Covid-19 tests in Belgium is a victim of a ransomware attack.
- Ireland, May 2021: Ireland’s Health Service Executive (HSE) suffered a massive attack that brought services to a standstill.
- Alaska, USA, May 2021: The Alaska Department of Health is breached by attackers, forcing the Department to take systems offline for weeks during recovery efforts.
- Italy, August 2021: The online covid-19 vaccine registration portal for the region of Lazio, Italy, is attacked by criminals.
- New Zealand, May 2021: In what was described as “probably the biggest cyberattack in New Zealand’s history”, networks at the Waikato District Health Board were knocked offline for weeks as staff turned to pen and paper to manage patient case data.
- Ohio, USA, May 2021: Between May and July, hackers carried out a data breach against a DNA testing company that compromised the personal data of over two million individuals.
- Georgia, USA, June 2021: The St. Joseph’s/Chandler hospital system suffers a ransomware attack in which the health information of 1.4 million patients was potentially compromised. The attackers gained access to the hospital networks six months prior to the ransomware demand.
- Ohio, USA, August 2021: Memorial Health System acknowledged it reached a ‘negotiated settlement’ after an attack that forced the hospital to divert patients, and which compromised over 200K individuals’ health care data.
- Australia, October 2021: Macquarie Health, a system that runs 12 hospitals in Eastern Australia, was the victim of a cyberattack. While the attack reportedly did not disrupt care services, several thousand confidential documents were posted to the Dark Web shortly after the attack.
- Brazil, December 2021: Newly observed threat group Lapsus$ claims attack on Brazil’s Ministry of Health, forcing the Ministry’s websites offline and resulting in the exfiltration of covid-tracking data. This attack was followed by a separate attack less than a week later.
- Scotland, March 2022: A mental health charity organization was targeted by RansomEXX, who demanded a ransom. The charity refused to pay a ransom and some of its data were leaked online.
About EclecticIQ Threat Research
EclecticIQ is a global provider of threat intelligence, hunting and response technology, and services. Headquartered in Amsterdam, the EclecticIQ Threat Research team is made up of experts from Europe and the U.S. with decades of experience in cyber security and intelligence in industry and government.
We would love to hear from you. Please send us your feedback by emailing us at firstname.lastname@example.org.