Image courtesy: cyberpeace institute
As the healthcare system strives to provide life-saving services while striving to transform treatment and medical safety with emerging technology, hackers and cyber security actors look for opportunities to leverage the loopholes that come with these improvements. Since last year, the number of attacks on healthcare providers has steadily risen being reason to be alarmed.
Scripps Health, a non-profit organization headquartered in San Diego with five hospital sites, was forced to close down its IT networks operating its healthcare facilities on May 1 due to a cyberattack. The episode severely hindered healthcare, requiring medical staff to rely on paper notes. Furthermore, the machine is already down and there is no word about whether it will be back up and running.
Although it has been more than a year since the pandemic hit and more than 3 million people have died, threat perpetrators are still hell-bent on destroying healthcare networks with no regard for human lives. The healthcare sector is beset with a slew of cybersecurity problems. Furthermore, widespread vulnerabilities in the healthcare system generate lucrative opportunities for cybercriminals, fueling the increase in threats.
Further, a violation occurred at the University of Florida Health Shands, affecting 1,562 people. Names, phone numbers, addresses, dates of birth, and medical record numbers, as well as health records from ER appointments, are believed to have been obtained. Similarly, CaptureRx, based in San Antonio, was hit by a ransomware attack in February, and the attackers obtained access to more than 24,000 people’s Personal Health Information (PHI). Several of CaptureRx’s healthcare provider clients were also affected by the attack.
Another incident happened at UnitingCare Queensland, a health and community care agency, which was struck by REvil, causing the hospital to be suspended from the national My Health Record scheme.
Ransomware attacks are no longer limited to financial theft, but have spread across all boundaries, including states, geography, and industries. The healthcare sector has borne the brunt of these threats, which are unlikely to abate anytime soon. As a result, it is recommended that device bugs be promptly fixed and that appropriate steps be taken to protect against these risks.