Healthcare Systems Need To Rethink Cyber Security: Report

Healthcare organizations need to remain transparent when it comes to how patient data is used

By Mackenna Moralez, Assistant Editor


Hospitals and other healthcare facilities need to renew their focus on cyber defense fundamentals by reevaluating their security infrastructures, according to Healthcare IoT Security Operations Maturity – A Rationalized Approach to a New Normal, a report by Medigate and CrowdStrike, that details recent cyberattack trends. 

Cyberattacks have been on the rise since the beginning of the COVID-19 pandemic, and healthcare delivery organizations (HDOs) are among the favorites to target. As Healthcare Facilities Today previously reported, more than 200 hospitals have been targeted in the last three yearsHowever, the report found that 82 percent of health systems have experienced some form of internet of things (IoT) attack. Thirty-four percent of attacks were ransomware, 33 percent reported paying the ransom, however, only 69 percent of those who paid the ransom said that its data was fully restored.  

But not all organizations have come out unscathed. For example, in mid-2020, a ransomware attack forced a U.S.-based university to delay or cancel procedures and appointments for 40 days. According to the report, while systems were down, more than 150 staff members were either furloughed or reassigned, costing the hospital $1.5 million a day, totaling $64 million after the 40 days.   

“Healthcare now understands the reality of the threat and is doing something about it, and that’s a good thing,” Jonathan Langer, co-founder and CEO, Medigate said in a press release. “But when faced with all the advanced options promoting layered defense capabilities, we thought it was time to detail a more simplified approach. HDOs require a unified security approach to defend against the evolving threat landscapes.” 

There is no federal law that bans ransomware payments, but that changes on the state level. According to the report, four states have proposed laws that would stop or restrict the practice. Regardless, it forces HDOs to reevaluate how they need to prevent attacks in the future.  

Currently, less than one-half of healthcare facilities perform routine monitoring and risk mitigation processes. Meanwhile, 54 percent of healthcare systems have stated that a data breach would be critical to its reputation. It is up to managers to continuously make sure that patients’ and residents’ personal information is safe. Late last month, the Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation reminded healthcare facilities and other organizations to remain vigilant to cyberattacks as the holiday season is an especially vulnerable time.  

“As sophisticated threat activity continues to accelerate and the number of medical devices connecting to hospital networks increases, the healthcare industry continues to be a prime target for threat actors,” says Drex DeFord, executive healthcare strategist with CrowdStrike“HDOs must implement a modern, layered-defense strategy that continuously improves visibility, incorporates EDR and includes containment capabilities so that they can accurately detect, respond and prevent sophisticated attacks.” 

 

Mackenna Moralez is assistant editor with Healthcare Facilities Today. 



December 7, 2021


Topic Area: Information Technology


Recent Posts

17 Million Patient Records Stolen in PIH Health Ransomware Attack

A ransomware attack halted operations across three of PIH’s hospitals.


Holidays are Prime Times for Healthcare Cyberattacks

A study found that 86 percent of organizations that experienced ransomware attacks were targeted on a holiday or weekend.


Hartford Healthcare Forms Partnership to Open Health Equity Clinic

The new clinic will open in January 2025.


UCHealth Reveals Plans for Memorial Hospital North Expansion

Construction on the patient tower is slated for 2026 with a projected opening to patients in 2029.


What Are 'Hospi-tels'?

Hospitals and hotels are partnering to better cater to patients and families.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.