Industry experts explain why the healthcare sector is prone to cyberattacks

Cybersecurity is a constantly evolving industry, as hackers and security professionals have become sophisticated and try to outsmart each other.

National Cybersecurity Awareness Month is celebrated every October and is an initiative to put conscious efforts towards ensuring better cybersecurity hygiene and incorporate stronger security measures.

“The sudden onset of the pandemic forced healthcare providers to very quickly set up emergency COVID-19 facilities, with little time to plan out robust IT security infrastructures to protect these facilities,” Sunil Sharma, MD-sales, Sophos India & SAARC, said. Due to the lack of trained staff and poorly protected systems, attackers manage to find organizations’ biggest security gaps and will continue to exploit these weaknesses, he added.

Industry experts share their insights around the evolving threat landscape and why healthcare sector is most vulnerable to cyberattacks and how the industry can bolster cyber defenses.

Healthcare was one of the top five targeted verticals in the APJ region, with confidential information such as PII and PHI data from clinical trials and research often a target for adversaries, as per a CrowdStrike report.

According to Nitin Varma, Managing Director, India & SAARC, CrowdStrike, pharmaceutical companies have intellectual property which needs to be secured relating to proprietary drug information or pharmaceutical research. Nitin feels that to effectively mitigate cybersecurity risks, organizations need to focus their cybersecurity approach on prevention, detection and response.

• Create a hostile environment for adversaries: Making your environment as hostile as possible for adversaries is an important strategy so having multiple defense layers at endpoints goes some way to achieving this. It enables healthcare organizations to protect sensitive data such as patient medical records or scheduling systems, and other networks
• Use a VPN with Multifactor Authentication: Using VPN with multifactor authentication mitigates the exposure of the Remote Desktop Protocol and protects credentials that are often a way in for adversaries.
• Gain visibility into your network: Comprehensive visibility into the network, critical data and all endpoints is crucial to understanding an organization’s digital footprint and where weaknesses may lie. A preparedness plan can address any weaknesses identified in digital infrastructure. As an important link in the chain, employees should also be regularly trained on cybersecurity best practices
• Protect Emails and Patient Health Records: Phishing emails with malicious attachments are another tool that adversaries use to gain access to company systems and health records. As part of their mitigation strategy, healthcare leaders should incorporate email security software that uses URL filtering as well as attachment sandboxing
• Invest in Threat Hunting: Threat hunters are crucial in finding threats before they’re able to infiltrate a network. They effectively engage in cyber hand-to-hand combat with adversaries. For organizations who don’t have the funds nor size to facilitate their own threat hunting team, there are managed services available. In fact, we’re currently seeing a surge in the use of a managed detection and response (MDR) approach by pharma companies in India.
• Run Tabletop Exercises: Even the best solution in the world requires practice and preparation. Tabletop exercises with security teams, IR, legal, insurance and necessary people from ground to board level will ensure everyone knows where they need to be and what they need to do to save their business in the event of an attack.

Healthcare leaders should also add Endpoint Detection and Response (EDR) to their cyber strategy. EDR detects and mitigates cyber threats through continuous and comprehensive real-time visibility into a network’s endpoints. Behavioral analysis and intelligence is then applied to endpoint data to stop breaches when attempted.

The online doctor consultation market is expected to be over $800 million by FY24, growing at 72% CAGR, according to a recent report by Praxis Global Alliance. But with the heightened demand for telehealth and virtual care, vaccination drives, and more devices on the network, there has never been a more critical time to address the cybersecurity strategy in the sector.

“A hospital room is equipped with an average of 15-20 devices connected to the internet in today's world of healthcare. The proliferation of medical and internet-connected devices in healthcare brings both clinical benefits and security risks,” Vishak Raman, Director, Security Business, Cisco India and SAARC, said.

Healthcare providers need an integrated, unified, end-to-end security portfolio to help address privacy requirements, improve threat detection, and reduce management complexity, he added.

While it has been more than a year since the pandemic struck, threat actors are still hell-bent on disrupting the networks of healthcare facilities. Since healthcare IT systems contain sensitive patient data, the sector has long been a target for hackers.

Cybercriminals are drawn to healthcare networks because of widespread flaws that offer lucrative opportunities, which is why attacks are on the rise. Ransomware-as-a-service has become the norm in the cybercrime community in the healthcare industry this year.

“Despite the huge benefits telemedicine, digital health records, internet-connected medical devices, and patient wellness apps have brought to health care, cyber criminals are exploiting vulnerabilities in these digital health services on a daily basis,” Akshat Jain, CTO & Co-founder, Cyware, said.

Cybercrimes has advanced at a rate which can no longer be ignored. If everyone implements stronger security practices, raises community awareness, educates vulnerable audiences, the internet can be safer and resilient.