Over the past few years, cybercriminals have ramped up their efforts to target hospitals and healthcare organizations, and 2017 was no different. Healthcare providers were responsible for the majority of the reported breaches last year, as hundreds of breaches occurred with millions of patient records exposed.

What Was Behind the Increased Attacks?

Last year, a great deal of attention was placed on vendor management (and rightly so after the number of incidents in 2016). However, this shift in focus also created new opportunities for cybercriminals. Criminals shifted their tactics to attacks such as ransomware, which have devastating consequences, especially for providers. One theory holds that attackers sought out providers more frequently, hoping that a hospital might be more willing to quickly pay a ransom to ensure uninterrupted patient care and ensure life safety.

And, while it is impossible to predict exactly what tactics cybercriminals will use this year, it’s likely that we will continue to see hospitals and other providers being targets of opportunity.

What Cybersecurity Issues Will Healthcare Organizations Face in 2018?

So, what specific cybersecurity issues should hospitals and healthcare organizations be watching for in 2018? More importantly, what can you do to prepare? Our team at LBMC Information Security has spent countless hours considering these questions. Here are three areas we believe are important to consider:

  1. Ransomware

Four of the top five healthcare cybersecurity breaches reported during 2017 were ransomware attacks. While the final numbers are still being tallied, it’s estimated that global ransomware damage might cost as much as $5 billion in 2017, which is 15 times greater than the cost in 2015. The increasing number of these attacks is even more dangerous for hospitals, as patient care can suffer.

The best way to protect your hospital against a ransomware attack is to make sure you have strong network security and segmentation in place, keeping would-be hackers out. If your facility is hit, having a backup strategy in place is key, as this will ensure systems can be restored after the initial incident has been resolved. We also can’t overstate the need for good response plans, so that your organization has rehearsed exactly how to react to limit the damage and restore operations rapidly.

  2. Insider Attacks

One of the largest cybersecurity attacks of 2017 was a result of insider activity—specifically, unauthorized access through stolen media by a now-former employee. Unfortunately, hospitals are gold mines for cyber-criminals, as they are filled with PHI, which can go for $50 or more for each record.

To protect themselves against insider attacks, hospitals need to have detailed data governance, risk management, and data security policies in place to make sure all employees are aligned with the organization’s cybersecurity strategy. Furthermore, data leak prevention (DLP) technologies paired with good monitoring of Intrusion Detection and Prevention systems can help you identify data that may be leaving your protected network inappropriately, even with a trusted individual.

  3. Cloud Attacks

As more hospitals and healthcare organizations turn to the cloud to help improve patient care and collaboration, cyber-attackers are seeing it as a new opportunity. And while HIPAA regulations are designed to ensure hospitals are doing their part to protect privacy and security, compliance by no means guarantees security.

If your hospital uses cloud-based services, you should understand exactly what information assets are in the cloud in order to map out the specific systems, people, and processes you will need to access those assets. Additionally, tools such as IDS/IPS, SIEM, and multi-factor authentication are valuable for adding extra layers of access control, detection, and prevention.

The Key to Protecting Your Hospital or Healthcare Organization Against an Attack This Year…

Diligence will continue to be the key—from knowing and understanding your organization’s risk profile and vulnerabilities to administrative and technical solutions that proactively address human, technical, and environmental threats.

Whatever issues hospitals might face in 2018, BALLAST was designed as a tool to help healthcare organizations maintain the level of attentiveness and agility needed to address the latest cybersecurity threats. To learn how BALLAST can help you determine if your hospital is protected against ransomware, insider attacks, or cloud attacks, click here to speak with one of our team members today.

Mark Fulford

Mark Fulford, CISSP, CISA, ABCP, CRISC, is a Shareholder in the risk services division of LBMC, PC. With nearly 25 years of experience in information security audit and compliance, Mark understands how to translate technical jargon into actionable intelligence. With significant experience in healthcare, his expertise includes assisting companies with Sarbanes-Oxley, HIPAA & PCI, HITRUST compliance, as well as providing assurance to clients and their stakeholders through SOC 1 and 2 reporting engagements. More recently, his focus has been on helping organizations identify and manage information security risks through both guided and automated risk assessment techniques.