Healthcare was the most affected industry by cybercrime in 2022. This is confirmed by the Clusit 2023 report (Clusit is the Italian Association for IT Security): worldwide, attacks on healthcare accounted for 17% of the total from January to March 2023, compared to 12% in 2022. In particular, attacks on medical-hospital facilities have tripled in Italy in the last four years.

In an industry such as healthcare, the effects of cybercrime are not limited to negative economic or privacy implications, but directly impact the health of communities and private citizens. Simply consider the ransomware attack of Prospect Medical Holdings’ US hospital facilities last August, forcing a total blockage of appointments, surgeries and diagnostic tests for a few days and causing enormous inconvenience and potentially damaging delays to patients’ health. There was also a hacker attack at Fatebenefratelli-Sacco Hospital in Milan last year, which sent the facility’s computer system into a tailspin, again causing slowdowns and forcing patients to go to other facilities. This phenomenon cannot and must not be overlooked, and requires significant investigation to identify vulnerabilities and develop effective defence strategies.

Why is the healthcare industry in hackers’ cross-hairs?

Of all the types of data on the web, healthcare data are the most valuable.

A hacker attack on a healthcare facility allows access to patient records and thus to very detailed data, which can be used for identity theft and other types of crime, or can be resold on the dark web for sums of up to USD 2,000.

It must also be considered that hospitals and clinics cannot afford prolonged shut-downs.This makes them the perfect target for ransomware attacks, which play on the encryption of crucial data and the demand of a ransom to decrypt them and make them available again quickly.

Not least, the healthcare industry is one of the most vulnerable because on the one hand, many hospital technologies are now obsolete and flawed in terms of data protection. On the other hand, the digitisation of healthcare is bringing useful changes but also new risks and threats, with integrated technology systems potentially open to attack on several fronts. Let’s take a deeper look.

The most common cybersecurity issues in healthcare and the most common types of attacks

According to a report by IBM, the most common problems in the healthcare industry depend on:

  • Malfunctioning computer systems: source code errors or problems with automated communications.
  • Human error: forgetfulness or negligence of employees or external collaborators.
  • Increased digitisation: offices of general practitioners in Italy are now connected to the National Health System, hospitals, diagnostic centres. The data collection tools (used to monitor the health of patients with chronic diseases such as diabetes) are in turn connected to a central system. The gateways for potential malicious acts have therefore multiplied in only a few years.
  • Lack of awareness of healthcare and administrative staff with regard to healthcare cybersecurity best practices.

All these vulnerabilities leave the door open to various types of hacking. The most common include:

  • Ransomware: data encryption and blocking by the hacker, which can be unlocked through the payment of a ransom (usually with cryptocurrency).
  • Supply chain attacks: hacking of integrated systems management between various healthcare facilities connected to a single centralised cloud.
  • Phishing and compromise of corporate emails
  • Identity theft and hacking private accounts.

The impact of a lack of cybersecurity strategy in healthcare

In addition to the breach of privacy, the failed data protection and the economic consequences of a hacker attack, the impact of an attack in the healthcare industry is also tangible on patients’ health.

Cyberattacks on healthcare facilities can cause interruptions in diagnostic procedures and tests, leading to serious consequences such as longer hospitalisations or delayed visits. These aspects have a negative impact on patient care, causing potential – and at times significant – damage to health, as well as on the efficient and effective management of clinics and hospitals.

Most of the healthcare facilities surveyed for the Clusit 2023 report believe that cloud, mobile, big data and IoT technologies are an important evolution in patient care but also an additional source of IT and patient security risks.

Given the highly impactful effects on several fronts, what can hospitals, clinics and healthcare facilities do to defend themselves and prevent hacker attacks?

Five tips for cybersecurity in healthcare facilities

Healthcare facilities can prevent hacker attacks by adopting by-now indispensable cybersecurity solutions. According to our Boolebox experts, the most important defence strategies are:

1. Data encryption: this is the highest form of protection. Even if a hacker manages to gain access to the healthcare facility’s computer systems, thanks to encryption, they will not be able to interpret the information found. This is why the entire IT system of the facility, including backup data on networks and clouds, must absolutely be encrypted. At Boolebox, we have developed data protection software (also applicable to third-party applications) that uses military-grade encryption and can be customised to healthcare facilities’ specific needs.  

2. Segmentation of the hospital IT network: having certain devices (such as monitors that transmit real-time information on patients’ health) connected to a virtual network other than that of the centralised IT system of the facility can be a very important aspect in preventing hackers from gaining access to all data in a single attack.

3. Access control: access to information must be restricted to authorised staff and, in addition, they must only have access to the information they need to carry out their duties. Two- or multi-factor authentication, including via physical devices with security keys, is essential.

4. Periodic risk analysis: this is essential to keep the IT system and stored data healthy. Based on the analysis results, the system can be strengthened to prevent potential future vulnerabilities and identify new action points for data defence. The creation of encrypted backup procedures and contingency plans is crucial.

5. Staff training: medical and administrative staff must be aware of the risks and cybersecurity best practices to be adopted in order to avoid attacks and consequent major damage. To date, human error is the most common vulnerability that is difficult to limit.

For more information on cybersecurity in healthcare, don’t hesitate to contact us. Our experts are on hand to identify the most suitable solutions for you.