Changing Threats in Healthcare

                October is cybersecurity awareness month. All month long, many organizations have made it a priority to spread awareness to the members of their organization as well as disseminating information to the public on how to protect themselves.

                Over the last decade, I am sure you have heard about your healthcare data and the importance of HIPPA to healthcare organizations. Healthcare data is essential to protect; every person reading this article right now plays an integral part in securing this type of data. As a consumer of healthcare products and apps, it is necessary to focus on protecting your data. Working in a healthcare company puts a unique amount of risk to threats we face. 

                Over the last four years, the threats have changed significantly. According to Steve Mansfield-
Devine (2017), the threat landscape has changed from stealing and selling patient data to attacking healthcare organizations using ransomware techniques. Ransomware is a malware type that takes over a computer’s records and holds it ransom until the owner of the data pays the ransom. Most of the time, this type of attack uses encryption and encrypts the files of the computer and will not release the decryption key until the ransom is paid. You may have heard of this in the news recently. Personal Identifiable Information or PII is not worth as much as it used to be because of the massive amounts of data breaches that have occurred over the last few years. Stolen health data was worth $75.00 – $100.00 per patient in 2015, now that price has dipped to $25.00 to $50.00 per patient record on the dark web (Mansfield-Devine, 2017).  Ransomware attack averages are much higher. Healthcare organizations cannot afford to have downtime for patient safety and financial reasons, which means they are twice as likely to pay the ransom. The Crytpolocker attack that happened in 2013 made the attackers $30,000,000 in 3 months (Slayton, 2018). 

 Attackers are financially motivated to attack healthcare organizations, who cannot afford downtime. Many small healthcare organizations could not afford to pay the ransoms that the attackers are requesting. Even if they were able to, HIPPA regulators could fine the companies for each patient record that was attacked, which could bankrupt an organization. For most, this should be incentive enough to ensure the safety of files. Some of the ransomware attacks are linked to Nations such as North Korea or related to criminal and terrorist organizations. 

                Many of the ransomware attacks have stemmed from phishing and spamming campaigns (Mansfield-Devine, 2017). Weaknesses in protocols, such as the SMB protocol has led to ransomware spreading and infecting entire networks. It is crucial to understand how these types of infections spread and to be wary about clicking on links. Many of the attacks come from what is called spear-phishing. In spear phishing, the attacker crafts an email from a client or member of the organization, and requests that the user opens a malicious pdf or click a link that downloads a malicious file onto their computer. The malicious file allows the attacker to control the victim’s computer. As healthcare professionals, we are all responsible for protecting the data integrity of our clients as well as protecting our data. Ensure you are not clicking on any links that are being sent to your email unless you can confirm the validity of the email. If you are unsure, do not hesitate to ask, no one will be angry with you for ensuring the security of the organization. It is the responsibility of everyone to protect company assets as well as protecting your data.

Works Cited.

Mansfield-Devine, S. (2017). Leaks and Ransoms- The Key threats to Healthcare Organisations. Network Security. June(2017).

Slayton, T. (2018). Ransomware: The Virus Attacking the Healthcare Industry. Journal of Legal Medicine. Doi: 10.1080/01947648.2018.1473186

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s