As we all know, this great country of ours has been shaken from top to bottom by the current presidential administration.
Yes, our Federal Government has been bloated for decades, but the approach that is being taken is a bit extreme.
Cuts are being made all over with little thought behind them, and worse yet, the people who depend heavily upon Medicaid could see their benefits not only reduced but cut altogether.
Even CISA, the main Cybersecurity Agency within the Federal Government, is starting to see cuts and is beginning to lay off hundreds of its own employees.
So, when you put these two together, you see one horrible trend: the healthcare industry here in the United States is now going to be even more vulnerable in the hands of the Cyberattacker.
Consider some of these stats:
* Health Tech Magazine predicted that 2025 will be the worst year ever for security breaches.
* According to the 2024 Ponemon Healthcare Cybersecurity Report, 92% of the organizations that are in or affiliated with the healthcare industry were hit by at least one cyberattack.
* In the IBM "Cost of a Data Breach Report 2024", the average cost of a security breach across all industries was estimated at $4.88 million, and healthcare was once again the most expensive industry in that report.
Of course, the healthcare industry has always been vulnerable to Cyberattacks, but it has now become even more pronounced as Generative AI and Machine Learning (ML) take on a permanent role in both automation and customer service.
You could very well be wondering at this point: what are the most persistent and deadliest Threat Vectors facing the healthcare industry? Here is a sample of them:
1) Phishing:
Yes, this is deemed to be the oldest of all the Threat Vectors out there.
But despite its age, the Cyberattacker of today is still able to take the signature profiles of old campaigns and create newer ones from them. In other words, this is building a better mousetrap. Look at these alarming stats:
* According to the 2022 IBM X-Force Threat Intelligence Index, Phishing will "be a common tactic for hackers to use against the health sector." (SOURCE: Biggest Cyber Threats to the Healthcare Industry Today)
* According to the NIH National Library of Medicine, in a one-month period the average healthcare organization received 858,200 Phishing emails. 139,400 of them were marketing-style lures, and 18,871 of them contained a malicious payload, such as an .XLS file containing a macro.
* In a security breach, on average at least 2.6 million PII datasets are stolen from patients. These include their confidential information, appointments with doctors, medical records, etc.
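To show what that "malicious payload, such as an .XLS file containing a macro" looks like from the defender's side, here is an added example (my own code, not taken from any of the reports cited above) that triages the attachments of an e-mail for macro-bearing Office documents. The sample message, its three attachments, and the OLE byte stub are all constructed inline for the demonstration; the stub only mimics the magic bytes and the VBA directory-entry name of a real legacy spreadsheet, and the marker search is a heuristic rather than a full OLE parser.

```python
"""Triage e-mail attachments for macro-bearing Office documents.

Added example, not from the original post. The sample message below is
constructed inline; the OLE blob is a stub that only mimics the magic
bytes and the VBA directory-entry name, not a real spreadsheet.
"""
import email
import io
import zipfile
from email import policy
from email.message import EmailMessage

OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"  # legacy .doc/.xls container
ZIP_MAGIC = b"PK\x03\x04"                          # OOXML (.docx/.xlsx/.xlsm ...)
PDF_MAGIC = b"%PDF"
# OLE stores directory-entry names as UTF-16LE; VBA projects live under these.
OLE_VBA_MARKERS = ["_VBA_PROJECT_CUR".encode("utf-16-le"), "VBA".encode("utf-16-le")]
MACRO_EXTENSIONS = {".xlsm", ".docm", ".pptm", ".xlam", ".dotm"}
# What the file bytes should look like for a given claimed extension.
EXPECTED_KIND = {".pdf": "pdf", ".xls": "ole", ".doc": "ole", ".xlsx": "zip",
                 ".docx": "zip", ".xlsm": "zip", ".docm": "zip"}


def sniff(data: bytes) -> str:
    """Classify an attachment by its leading magic bytes, not its name."""
    if data.startswith(OLE_MAGIC):
        return "ole"
    if data.startswith(ZIP_MAGIC):
        return "zip"
    if data.startswith(PDF_MAGIC):
        return "pdf"
    return "unknown"


def has_macros(data: bytes) -> bool:
    """Heuristic VBA check: OLE directory markers, or vbaProject.bin inside OOXML."""
    kind = sniff(data)
    if kind == "ole":
        return any(marker in data for marker in OLE_VBA_MARKERS)
    if kind == "zip":
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                return any(n.lower().endswith("vbaproject.bin") for n in zf.namelist())
        except zipfile.BadZipFile:
            return False
    return False


def triage_message(raw: bytes) -> list[dict]:
    """Return one verdict per attachment of an RFC 5322 message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "<unnamed>"
        data = part.get_payload(decode=True) or b""
        ext = ("." + name.rsplit(".", 1)[-1].lower()) if "." in name else ""
        kind = sniff(data)
        reasons = []
        if ext in MACRO_EXTENSIONS:
            reasons.append(f"macro-enabled extension {ext}")
        if has_macros(data):
            reasons.append("VBA project present in container")
        # Extension says one thing, bytes say another: the classic disguise.
        expected = EXPECTED_KIND.get(ext)
        if expected and kind != expected:
            reasons.append(f"content is {kind}, not {expected} as {ext} implies")
        findings.append({"name": name, "kind": kind,
                         "verdict": "block" if reasons else "allow",
                         "reasons": reasons})
    return findings


def build_sample_message() -> bytes:
    """Constructed sample: one benign PDF, two macro carriers (stubs, not real files)."""
    msg = EmailMessage()
    msg["From"] = "billing@example.com"
    msg["To"] = "clinic@example.org"
    msg["Subject"] = "Overdue invoice"
    msg.set_content("Please see the attached documents.")
    msg.add_attachment(b"%PDF-1.4\n%stub\n", maintype="application",
                       subtype="pdf", filename="invoice.pdf")
    # Legacy .xls stub: OLE magic followed by a fake VBA directory entry name.
    ole = OLE_MAGIC + b"\x00" * 64 + "_VBA_PROJECT_CUR".encode("utf-16-le") + b"\x00" * 16
    msg.add_attachment(ole, maintype="application", subtype="vnd.ms-excel",
                       filename="statement.xls")
    # OOXML zip carrying vbaProject.bin under a non-macro .xlsx extension.
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("xl/workbook.xml", "<workbook/>")
        zf.writestr("xl/vbaProject.bin", "stub")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="octet-stream", filename="report.xlsx")
    return bytes(msg)


if __name__ == "__main__":
    for finding in triage_message(build_sample_message()):
        print(finding)
```

Run as-is and the PDF is allowed while both spreadsheets are blocked, the second one despite its harmless-looking .xlsx name. In production you would hand anything that reaches the "ole" or "zip" branch to a real parser such as oletools' olevba rather than trusting the marker search, but sniffing bytes instead of names is the part that matters.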
2) Ransomware:
This is the kind of Threat Variant where the Cyberattacker locks up parts of the IT/Network Infrastructure of a healthcare organization and demands a ransom (usually paid in Bitcoin) before the victim can get their files unlocked. Such was the case with Change Healthcare. Over one hundred million patients had their data exposed in that Ransomware Attack, and a $22 million ransom was paid to the Cyberattacking group.
Then just last month, the blood bank network serving hospitals throughout the entire state of New York was hit by a Ransomware Attack, some four hundred facilities in total.
A recent study also found that the malicious payloads in Ransomware Attacks can be delivered in one of three ways, or even all of them at once:
* Phishing based Emails.
* Malvertising.
* Malicious attachments that were downloaded.
For those of you who may not know, Malvertising can be technically defined as follows:
“Malvertising or
malicious advertising is a technique that cybercriminals use to inject malware
into users' computers when they visit malicious websites or click on an ad
online.”
(SOURCE: What is
Malvertising and how to prevent it? | Fortinet)
Finally, the average ransom payment made by the healthcare industry was almost $2.56 million.
My Thoughts on This:
After reading all of this, anybody would be wondering: what can I do to protect myself? Well, the answer comes from two fronts. The first is the healthcare industry itself. Here are some things that it needs to do:
* Deploy Generative AI powered EDR and XDR solutions to all the endpoints that are issued to healthcare workers. Note that endpoint is a general term that refers to tablets, laptops, smartphones, etc.
* Follow a regular schedule of deploying software patches and updates. This also includes firmware.
* Make use of Multifactor Authentication (MFA). This is where two or more differing authentication mechanisms (for example, a password plus a one-time code or a hardware token) are used to confirm the identity of the person in question.
* If passwords are still a key credential, then make use of a Password Manager. These applications can generate long, complex, unique passwords on an automated basis and store them for you.
* Make sure that you have a strong Security Policy that is being enforced. But even more importantly, make sure that you have Incident Response/Disaster Recovery/Business Continuity Plans in place, and that they are rehearsed on a regular basis.
As for you, the patient, I am assuming you always keep checking both your bank and credit card accounts at least twice a day to make sure that no fraudulent activity has occurred. Many healthcare organizations now even offer your own personal patient portal, where you can access pretty much the same kind of information and data that your doctor can. Keep checking this on a regular basis as well, to make sure that there is no fraudulent activity here either.
Finally, to view the report from the:
* Ponemon Institute, click here: http://cyberresources.solutions/Blogs/Ponemon_HC_Report.pdf
* CISA, click here: http://cyberresources.solutions/Blogs/CISA_HC_Report.pdf
* IBM, click here: http://cyberresources.solutions/Blogs/IBM_Report.pdf
* NIH, click here: http://cyberresources.solutions/Blogs/NLM_HC_Report.pdf