Why cybercriminals target healthcare organizations

The saying “There’s no honor among thieves” takes on new meaning when we consider how cybercriminals deliberately attack hospitals and other healthcare institutions, showing little to no regard for the value of life.

With hospitals in North Carolina and the rest of America struggling to take care of COVID-19 patients since early 2020, criminals have made matters worse by ramping up their cyberattacks. Last year, a nongovernment organization called Recorded Future counted 26 American healthcare providers falling victim to ransomware from January to May.

As of May 25, 2021, the Health Sector Cybersecurity Coordination Center (HC3) of the Department of Health & Human Services (HHS) has recorded 82 ransomware incidents worldwide for this calendar year. Forty-eight of those occurred in the United States, which means that at least one attack was launched every three days in the country — and this is only counting what the HC3 is aware of.

Why are cybercriminals increasingly targeting healthcare organizations? Let’s take a look at the factors that are contributing to this phenomenon.

Healthcare institutions are treasure troves of information

Organizations in the healthcare industry gather and use valuable patient information all the time, such as credit card information, Social Security numbers, and prescriptions. By acquiring such data, cybercriminals can make illicit purchases using patients’ financial accounts or divert funds to their own accounts. They can also gather prescriptions for medicines containing controlled substances and obtain these to concoct illegal drugs.

Furthermore, attackers can sell stolen data on the dark web. Medical information fetches higher prices than credit card numbers because credit card accounts can be easily closed, which renders the information relating to those accounts useless. Health information, however, is more permanent and unique to each individual. Medical records can only be updated, not changed, since they are used as vital references for proper patient care. These records also make patients identifiable according to their medical histories, conditions, and unique physical traits. Identity thieves can use these pieces of information to impersonate patients and commit fraud.

Healthcare organizations have insufficient cybersecurity

While hospitals in the US may boast having some of the most advanced medical technologies and procedures in the world, they don’t necessarily implement the best cybersecurity technologies and practices.

What makes matters worse is the fact that cyberattackers don’t have to employ the most cutting-edge technology. Rather, they can just use cunningly crafted emails to trick hospital staff into downloading ransomware-laced attachments or opening links that lead to malware-laden webpages.

This means that aside from having to upgrade their cybersecurity tools, healthcare organizations need to bolster the cybersecurity awareness and skills of their staff. And given how healthcare workers still have their plates full due to the persistence of COVID-19, training them effectively to thwart cyberthreats is a tall order.

Hospitals will pay when lives are at stake

Ransomware is no mere nuisance — it is a scourge that inhibits hospitals and clinics from providing medical care to their patients.

  • Hospitals have to send new patients to other hospitals because their IT systems are down and they can’t admit those patients.
  • Hospitals need to operate under downtime protocols, such as having to rely on paper records instead of digital ones.
  • Ransomware victims have to divert energy to recovering their IT systems.
    Facilities that can’t pay the ransom and don’t have paper or digital backups can’t operate and are forced to shut down, which means fewer medical services for communities.

More importantly, life-or-death health information may be locked away by ransomware. If backups are insufficient or nonexistent, then hospitals would have no choice but to pay the ransom to get their data back and keep their patients from dying.

It’s important to note that an attacker may not provide the proper decryption keys to their victim despite having accepted the ransom payment. After all, there is no honor among thieves.

Ransomware is hitting the healthcare industry especially hard, though by no means is it limited to that sector. Rather, ransomware is a threat to businesses from every industry and of all sizes. For comprehensive cybersecurity protection, turn to SpectrumWise. Drop us a line to learn more about how we can protect your business.