Wednesday, January 10, 2018

The doctor's disease

In Spain, where this Research Center is based, we are on the rainy season. And we already know that the rainy season it´s time of virus. Viruses and bacteria proliferate in rainy weather due to humidity and heat so, in addition to having to coexist with this uncomfortable, but necessary, atmospheric phenomenon, we have to protect ourselves so as not to catch a virus that spoils the game.

In the world of cybersecurity, bacteria also grow, and they don´t differentiate between doctor and patient. The healthcare sector is suffering and we have to think about a drug to cure it. In the study of the week we bring the results of the research carried out by Cryptonite. During 2017 healthcare has suffered a total of 140 data breach events reported to HHS / OCR as hacking actions, which represent an increase of 23.89% over the 113 hacking attacks reported in 2016.

Criminals have opted for ransomware attacks as their favorite when it comes to attacking healthcare. The number of attacks attributed to ransomware has increased 89% from 2016 to 2017. Looking outside the health sector, we see a large increase in ransomware attacks, in fact, the 6 most devastating cyberattacks of 2017 were labeled as ransomware attacks .

The attacks have diversified against a wider branch of health care entities. In recent years, cybercriminals invested more time and effort in the largest health institutions, as evidenced by the 2015 events that affected Anthem (78.8 million records), Premera Blue Cross (11 million records) and the events of 2016 that affected Banner Health (3.6 million records) and Newkirk Products (3.4 million records).

The complexity of the tools used by cybercriminals lower the cost and the time for cyberattackers to target smaller healthcare institutions. Now they can reach physician practices, surgical centers, diagnostic laboratories, MRI/CT scan center and many other smaller yet critical healthcare institutions. The bad news is that bearing in mind the way this problem increases, it will be something to solved by 2018.

According to Michael Simon, President & CEO of Cryptonite, the IoT devices in healthcare also represent new and expanding opportunities for cyberattackers: “Cyberattackers target healthcare networks primarily for two primary reasons – to steal the medical records they contain or to extort ransom payments. Medical records are the targets of choice, as this data is highly prized to support identity theft and financial fraud”. 2017 has been the year of ransomware and it looks like 2018 will remain the same considering that IoT devices are now ubiquitous in health care – they are already present in intensive care facilities, operating rooms and patient care networks.

Criminals have chosen ransomware attacks, both outside and inside the health sector, due to the rapidity of payments and the anonymity provided by this strategy. Although no cases of physical damage to patients due to a medical device have been confirmed to date, it seems only a matter of time before this happens and that an attacker as malicious intent takes advantage of the most vulnerable area of hospital networks. Health is to be taken seriously, so it´s time to put barriers to this virus.


Post a Comment