Why are hackers targeting healthcare?

For the past decade, the healthcare sector has been using digital records to effectively treat, track, and bill patients. Organizations such as hospitals, labs, pharmacies, drug companies, insurance providers, and outpatient clinics store massive amounts of protected health information (PHI) and personally identifiable information (PII) to improve accessibility and patient care. But it also makes them a target.

The healthcare industry stands out as having the largest number of cyberattacks. In the past 10 years, medical organizations have received nearly 30% of all enterprise cyberattacks. Healthcare data breaches have risen nearly every year from 2010 through 2017 with 2,149 in total. FortiGuard Labs reported that in 2017, healthcare saw 32,000 attacks per day per organization, over twice the number of cyberattacks as other industries. Just this year, 220 healthcare data breaches occurred from January to July 2018 with more than 6.1 million records compromised.

Why do hackers target healthcare above all others?

Easy to sell healthcare data

Healthcare data is easier to offload. Hackers aren't going after financial institutions because they have more security and their money is traceable and will require laundering. Patient records contain social security numbers, payment information, birthdates, family information, credit card numbers, names, email addresses, and physical addresses. A hacker simply finds a buyer in an underground market like the dark web. Once sold, the hacker will have no connection to the data. He will not have to worry about being traced.

An abundance of lucrative healthcare data

There is an abundance of valuable data. The amount of data in the systems of hospitals, clinics, and any organization serving patients make them prime targets for hackers. And while a credit card number yields $2,000 on average, a PHI file can yield up to $20,000.

Apart from selling sensitive files, it's very common for hackers to blackmail victims with their own information. Victims like hospitals would rather pay for the hush money than risk embarrassment or regulatory fines. Hacked healthcare data can also be used by criminals to assume someone's identity to get medical services or make fraudulent insurance claims.

Long periods of undetected cyberattack and data theft

It can take years for the victim to find out that his identity has been stolen. In 2016 alone, the medical records of 27 million patients were breached and many of those patients’ identities were stolen and used to access all kinds of services.

Attacks involving healthcare data can go undetected for long periods of time. For instance, a breach that affected 87,314 patients of Florida-based Southeast Eye Institute was discovered to have started in January 2015, but it was not detected until the end of March 2016. Typically, it can take weeks or months for a healthcare breach to be discovered, giving hackers plenty of time to offload the data or commit further fraud.

High vulnerability to ransomware

Ransomware, where hackers hold data hostage for a fee, is particularly effective as it can go unreported and hospitals would rather pay the ransom than be kept from treating patients. This makes healthcare providers particularly vulnerable, especially since they have no formal process to address these attacks.

A lack of IT spending

Healthcare organizations are notorious for underspending on IT and cybersecurity. In fact, a SANS Institute report found that they spend only 3% of their IT budget on security. Experts recommend at least 10%. Most organizations invest in antivirus software and firewalls, but both are insufficient against modern attacks. They need email security, encryption, backup systems, intrusion prevention software, and more.

A lack of security awareness

Security awareness is not a top priority. Everyone from all levels of the workforce should be trained about the dangers of the threat landscape, including social engineering scams like phishing, which takes advantage of employee carelessness or ignorance. Phishing campaigns are one of the primary ways ransomware is delivered, and employee mistakes are one of the main reasons that breaches occur.

Insider threats

Employees can also be insider threats. According to a cybersecurity report, 18% of healthcare employees are willing to sell their login information for $500 to $1,000. About 25% of healthcare employees know someone in their profession who has done so.

Cyberattacks on healthcare can cause significant damage, affecting their ability to care for their patients. World-class managed services providers (MSPs) like NetQuest can boost your cybersecurity with email and spam protection, security awareness training, data encryption, network monitoring, and more. Contact us today to find out more about how NetQuest safeguards your healthcare data from phishing, ransomware, and other cyberattacks.