Cybercriminals target healthcare for personal health information

Healthcare organisations face rising phishing and remote access attacks.

Healthcare has become a prime target for cybercriminals, with each breach costing more than $10 million on average. The key reason is simple: valuable data. 

"Well, you've got to take it a step back and actually answer the question, what is it that hackers are actually after? It's actually data, because in this day and age, data is actually money," said Ashwin Pal, Partner for Cyber Security & Privacy Risk Services at RSM Australia.

"Personal information can be used to sell it on the dark web, which can then be used to get credit and things like that," Pal explained. Additionally, personal health information, which is highly sensitive, can be exploited for malicious purposes, such as blackmail.

Two of the most common types of cyberattacks targeting healthcare organisations are phishing and remote access exploits. Phishing attacks involve sending deceptive emails to trick recipients into revealing valid credentials, such as usernames and passwords, which hackers then use to infiltrate healthcare systems. 

Remote access attacks, on the other hand, take advantage of vulnerabilities in organisations' remote access systems, allowing hackers to breach systems from anywhere in the world. “Remote access has two key issues. One is, obviously, anybody can use that mechanism to get into an organisation from anywhere in the world, and it's actually got that level of anonymity almost,” Pal explained.

To counter these growing threats, Pal recommends a multi-layered defence strategy focusing on people, process, and technology. “On a people front, you need to be educating your users to make sure that they don't actually fall victim to these types of emails,” Pal advised, stressing the importance of employee awareness and training.

In terms of processes, healthcare organisations should implement strong policies and procedures, along with regular training, to ensure users know what actions to take. However, human error remains a risk, which is why Pal emphasised the need for technological defences. “There are a number of technological solutions that could be employed,” he said, listing critical tools such as endpoint detection and response (EDR) solutions, email and web filtering, and multi-factor authentication (MFA).

“If somebody is trying to steal your password, without that second factor, it'll be difficult or impossible for them to actually get in,” Pal explained. Other technologies, like data leakage prevention and secure remote access solutions, are also essential in safeguarding healthcare data from cybercriminals.