Healthcare continues to be a favorite target for cybercriminals. In 2022, the industry experienced 1,410 cyberattacks a week, an increase of 86%. Additionally, healthcare was the vertical with the most data breaches. This environment of risk and all the complexities associated with healthcare data security make for a challenging landscape. Being proactive and understanding healthcare cybersecurity trends is critical to staying out of the attack and breach headlines.
So, what’s ahead in 2024? These are the trends that should be on your radar.
Supply Chain Security Remains a Weakness
Third parties are an appealing and easier way into healthcare networks for hackers. Since healthcare entities contract with many vendors, there are multiple routes for hackers to attempt to breach.
One example is the Professional Finance Company breach. The organization is an accounts receivable management company. They collect debts for many healthcare providers. They suffered a breach in February 2022. After forensic analysis, the root cause was an unauthorized third party that was able to access the system. They did not report any evidence relating to the misuse of patient data, but it affected 657 healthcare providers.
This threat has been high profile for several years, and the NIST (National Institute of Standards and Technology) published a guide on defending against them. Many drivers are behind the uptick in supply chain cybersecurity attacks.
Cybercriminals are, of course, becoming more sophisticated. Another factor is the desire for healthcare and many industries to integrate with other systems, allowing for privileged access, communication, and data exchange. This is necessary to modernize healthcare technology, but it comes with risks.
Preventing these attacks requires offensive and defensive cyber strategies, including:
- Developing and implementing a third-party risk management program
- Conducting ongoing vulnerability assessments and pen tests
- Creating a PAM (privileged access management) framework
Cloud Breaches Drive a Need for Stronger Infrastructure
Many healthcare organizations have migrated applications and data to the cloud. At least 70% have moved to the cloud. While not new, this healthcare cybersecurity trend continues to change.
Cloud security is robust and layered but not impenetrable. Hackers use phishing and malware to gain access to the cloud. The good news is that many of these attacks are detectable within minutes.
Healthcare understands the value of the cloud; they just need to go above and beyond the minimum in securing it. This means ensuring their own internal controls are sufficient and that cloud providers have the most advanced protections.
Cloud adoption in healthcare is more prevalent than ever and aids internal IT teams since it eliminates the need for them to maintain on-premises servers. Yet, many healthcare cyber professionals have concerns.
Cloud security in healthcare should consider these strategies:
- Perform cloud pen testing with an experienced vendor and remediate issues detected.
- Migrate shadow IT to an approved service.
- Determine how to decommission legacy systems that have sunset and would be impossible to move to the cloud.
- Employ DLP (data loss prevention) and encryption.
- Move toward a zero-trust framework.
IoT Attacks Impact the Innovation of Connected Medical Devices
Connected devices are beneficial in healthcare, as they monitor patients remotely and collect data on their conditions through vital readings. They can be a component of remote care and lead to better clinical outcomes.
The problem is that these are more assets on your network and often have vulnerabilities for attackers to locate and exploit. In a report on the state of healthcare IoT devices, findings included:
- 50% of connected devices in hospitals have critical risks.
- The most vulnerable devices are IV pumps, and tampering with these could impact patient safety.
- Over 50% of devices used in labs, oncology treatment, and pharmacology run old operating systems.
IoT devices are supporting more connected care, and their use will accelerate. However, healthcare must be vigilant. Tips to improve healthcare IoT security involve these risk-based approaches:
- Identify risks that aren’t requirements. Partner with a healthcare cyber firm to conduct vulnerability assessments to determine present risks that aren’t necessary for the device to run effectively.
- Use IoT pen tests. Pen testers can specifically focus on IoT devices and simulate an attack, providing insights into the weaknesses.
- Get support for monitoring new threats. Internal teams are likely already strained. Instead of adding more to their responsibilities, you could outsource this to your cyber partner.
Medical devices are vital to the future of healthcare, and your organization has to plan for this to mitigate risk.
Ransomware May Be the Biggest Threat
Ransomware in healthcare has seen substantial increases. A 2022 survey revealed that 41% of respondents dealt with a ransomware attack.
Several high-profile cases have led to healthcare systems being unable to deliver care. In August, Prospect Medical Holdings, operator of 16 hospitals and 165 clinics in several states, had to halt or reduce services due to a ransomware attack.
Another example is Richmond University Medical Center. They experienced a ransomware attack, which created connectivity issues and downtime.
Cybercriminals find healthcare to be an attractive ransomware victim because disruptions in their networks can impact patient safety. They consider the industry a “soft” target because of legacy system usage, zero-day vulnerabilities, complex networks with many applications, resource gaps, funding deficiencies, and growing infrastructure.
The best ways to decrease your risk of ransomware include:
- Continuous vulnerability assessments
- HIPAA penetration tests
- Comprehensive and never-ending security training for users
- Establishing robust endpoint protection
- Backing up data consistently and in a separate location to ensure redundancy
- Applying access controls and PAM
- Network segmentation to isolate critical systems and sensitive data
- Testing and improving incident response plans
Emotet Returns
In March 2023, HHS (Department of Health and Human Services) relayed that Emotet was active again. Historically, they have been a significant threat to healthcare. Social engineering and phishing emails with infected ZIP files were the techniques of choice. In addition, they also began using binary padding, which adds extra data to a portable executable file. It does not change the behavior of the binary. Hackers employ it to “outsmart” sandboxes, change the hash for malware, and obfuscation.
Experts expect Emotet to evolve and find new ways to deliver malware. The key to avoiding this risk is focusing on email security. To do this, you need a robust spam filtering automation tool, which should be able to minimize some phishing schemes. Second, your employees need continuous education. Third, you can tap your pen test provider to create phishing tests to assess how users will respond to these attacks. Fourth, turn off all macros in Microsoft Office.
AI and Machine Learning: Friend and Foe
AI and machine learning are healthcare cybersecurity trends with two sides. These tools can be very helpful in supporting cybersecurity. They are excellent at detecting anomalies, filtering email spam, identifying botnets, managing vulnerabilities, preventing data leaks, and more.
They deliver automated solutions that put less strain on your people. However, they can’t operate in a vacuum. They need human control and intervention. These technologies have advantages in managing your overall cybersecurity practices.
On the other side, hackers are weaponizing AI and machine learning for their benefit. Cybercriminals use it to gather data for better victim profiling, so phishing attacks seem legitimate. They’re also using it to launch ransomware and are taking advantage of machine learning-generated deepfakes for voice phishing. Machine learning can also help hackers crack passwords and CAPTCHAs.
The technology is both a help and a threat to healthcare. Stay aware of the opportunities on each side. Adopting AI and machine learning is a good investment. Be vigilant in the ways hackers can apply it as well. Currently, AI and machine learning aren’t in wide usage, as they’re still a bit complex and require specific knowledge. However, as they become more user-friendly, the risk will rise.
Cyber Workforce Shortages Continue
The cyber workforce shortages have impacted every industry. Recent reports state that 3.4 million jobs remain vacant. As a result, internal IT teams are struggling to keep up. It creates gaps in cybersecurity, leading to more risk.
Several factors contribute to this shortage, including:
- More threats on the landscape need more eyes on the network.
- Younger generations aren’t entering the industry. Only 12% of the workforce is 34 or younger.
- Retention is an ongoing issue fueled by burnout.
- IT cultures can often be toxic and self-defeating.
There’s no magic cure to curb this shortage, but there are strategies to consider. You can work with schools and organizations to recruit cyber professionals early. Another option is to make your workplace healthy, communicative, and transparent so you retain high performers. If there’s no way for your people to do all the work, partner with a firm that can help you with strategies, testing, and more.
Help is coming from the government, too. The White House announced the creation of the National Cyber Workforce and Education Strategy to address shortages and create plans for building a long-term workforce in cybersecurity.
What Healthcare Cybersecurity Trends Are Your Priority?
Healthcare cybersecurity will always be an area where risk and threats are rampant. Managing them is challenging for any organization, no matter the size. If these trends are currently impacting you, we can help. We are healthcare cybersecurity experts with decades of experience. Get in touch for a discovery session.