Why Healthcare Organizations are Major Cyberattack Targets

Healthcare is seen as especially vulnerable; however, organizations can take action to build out their cyber defenses.

By Jeff Wardon, Jr., Assistant Editor


Cybercriminals have become bolder in their operations. If the initial attack fails, a backup attack is likely to follow. Healthcare facilities need to be diligent with their defenses.  

The deceptive practices cybercriminals use bear parallels to those used in espionage, says Eric O’Neill, former counterterrorism and counterintelligence operative for the FBI.  

“In fact, cyber criminals are not only learning from, but they are emulating the best in the business: spies,” says O’Neill. “So, you not only have to worry about foreign threat actors, but you also have to worry about cybercriminal gangs that are sophisticated, well-funded and making trillions of dollars in ransomware. They are leveraging the same sort of deceptive attacks that come from espionage.” 

A lot of this is social engineering, says O’Neill, as attackers strike at an individual to use them as a gateway into data centers and to access critical data for the healthcare industry. To make matters worse, healthcare is seen as an “incredibly vulnerable” industry for cybercrime.

Healthcare’s major vulnerability 

It’s no secret that healthcare organizations are a major target for cybercriminals and their schemes. With nearly daily reports of cyberattacks on healthcare organizations, both big and small, one begins to wonder why they seem to have bullseyes on their backs.

O’Neill says that this is because healthcare organizations are perceived as not having robust cybersecurity protection, making them a prime target for attack. Complicating things is the perception that healthcare organizations are more likely to pay out on a ransomware attack.

“They are perceived as generally paying because patient care suffers when systems go down,” says O’Neill. “Cyber attackers also know that the healthcare industry maintains very critical data that can cause massive reputation-related harm and severe downstream damage in identity theft. Because of this, they're perceived as being more likely to pay to get their data back or for the cybercriminal to destroy the data and not publish it on the dark web.” 

Also, if a cyberattack is successful, it can cause downtime for healthcare facilities, meaning facility operations and patient care are both negatively impacted. In turn, that can lead to loss of revenue and a bruised reputation, among other things.

However, there are steps healthcare organizations can take to address their cyber vulnerabilities. 

Building out cybersecurity 

To build protection, healthcare organizations must look at their data, identify the most critical data they have and then build their cybersecurity around that by investing in robust cybersecurity tools, tactics and procedures, says O’Neill.

Organizations need cybersecurity training and technology that allows them not just to build defenses, but also to hunt down potential threats. O’Neill explains that an organization can’t just say they have a firewall built around their data to prevent anyone from getting in.

“They will get in,” says O’Neill. “Cybersecurity also must be a spy hunter for you. It needs to hunt down that threat that is trying to compromise your data and prevent it from exfiltrating that data.”  

Lastly, cybersecurity isn’t a “set and forget” solution. Not only does there have to be a plan ahead of time and consistent training, but there also has to be a constant assessment of cybersecurity, O’Neill says. Every time something changes in an organization’s data, whether it be mergers, acquisitions or a new partner, the healthcare organization must reassess and recalibrate to ensure that a hole hasn’t opened up in their data.

“Cybersecurity is not just technology that is purchased and installed, but it's understanding where the data is, who has access to the data and then building defenses around that data to make sure that people who aren’t authorized don’t have access,” says O’Neill. “Those protections must be built after there is a plan to protect the data, not just going to a cybersecurity company to install software on everyone's computers and thinking that a solution will just magically happen.” 

Jeff Wardon, Jr., is the assistant editor for the facilities market.



September 26, 2024


Topic Area: Information Technology, Security

