- Home >
- Services >
- Access to Knowledge >
- Trend Monitor >
- Type of Threat or Opportunity >
- Trend snippet: Cyber attacks are increasing and evolving as they continue to exploit vulnerabilities in the healthcare sector's fragile digital infrastructure and weaknesses in its cybersecurity regime
Trends in Security Information
The HSD Trendmonitor is designed to provide access to relevant content on various subjects in the safety and security domain, to identify relevant developments and to connect knowledge and organisations. The safety and security domain encompasses a vast number of subjects. Four relevant taxonomies (type of threat or opportunity, victim, source of threat and domain of application) have been constructed in order to visualize all of these subjects. The taxonomies and related category descriptions have been carefully composed according to other taxonomies, European and international standards and our own expertise.
In order to identify safety and security related trends, relevant reports and HSD news articles are continuously scanned, analysed and classified by hand according to the four taxonomies. This results in a wide array of observations, which we call ‘Trend Snippets’. Multiple Trend Snippets combined can provide insights into safety and security trends. The size of the circles shows the relative weight of the topic, the filters can be used to further select the most relevant content for you. If you have an addition, question or remark, drop us a line at info@securitydelta.nl.
visible on larger screens only
Please expand your browser window.
Or enjoy this interactive application on your desktop or laptop.
Cyber attacks are increasing and evolving as they continue to exploit vulnerabilities in the healthcare sector's fragile digital infrastructure and weaknesses in its cybersecurity regime
- Ransomware creates both an immediate risk to patient care and long-last impact on healthcare organizations. The escalation of ransomware attacks are particularly dangerous as they put both patient care and healthcare sector capability in jeopardy.
- Healthcare has a fragile digital infrastructure. Threat actors are exploiting the complex, vulnerable, and sometimes outdated healthcare digital environments including medical devices and IT infrastructure. Security-by-design does not apply to legacy systems and is difficult to achieve with the multiplication of connected endpoints.
- Healthcare cybersecurity is under-financed.
- Technical and human resource limitations are preventing a healthy information-sharing environment within the healthcare sector.
Healthcare provides experienced a total of 348 ''hacking/IT incident'' related data breaches in 2020. This is a 39% increase from 2019.
Attacks are increasing and evolving as they continue to exploit vulnerabilities in the healthcare sector’s fragile digital infrastructure and weaknesses in its cybersecurity regime. • Attacks are increasing as the arsenal of weapons used to target healthcare is evolving. Attacks on healthcare are not a new phenomenon but the COVID-19 pandemic is giving rise to an alarming convergence of malicious and irresponsible behaviors: vaccine research centers are targets of cyberespionage; hospitals are held to ransom with little choice but to pay to maintain operations; healthcare professionals and international health organizations are targeted with a blend of disinformation and cyberattacks aimed at undermining their credibility. As national statistics have shown, data breaches against healthcare in 2020 have increased significantly. • Ransomware creates both an immediate risk to patient care and long -lasting impact on healthcare organizations. The escalation of ransomware attacks are particularly dangerous as they put both patient care and healthcare sector capability in jeopardy. The ransomware business model is in constant evolution, notably via the double extortion tactic. It is characterized by increased cooperation among cybercriminals, who have sought to maximize reach and increase profits. As a result, healthcare organizations suffer from costly and time-consuming disruption, requiring funding to recover and improve their systems, retrain staff, and manage reputational damage. Losing access to medical records and life-saving medical devices obstructs the healthcare professionals’ ability to effectively care for their patients immediately and in the long run. • Healthcare has a fragile digital infrastructure. Threat actors are exploiting the complex, vulnerable, and sometimes outdated healthcare digital environments including medical devices and IT infrastructure. Security-by-design does not apply to legacy systems and is difficult to achieve with the multiplication of connected endpoints. The healthcare security perimeter is widening, and as such calls for a closer look into the resilience of the supply chain. • Healthcare cybersecurity is under -financed. Although a minority of large healthcare actors have deployed major cybersecurity programs, the vast majority of the sector suffers from a systemic lack of resources to secure its infrastructure, train its personnel, and hire and retain cybersecurity staff. The growing threat landscape exacerbates this resource gap, as attacks generate loss of revenue, new risks introduce higher cybersecurity costs to secure medical devices, hardware and software, including the rapidly expanding telehealthcare supply chain. • Technical and human resource limitations are preventing a healthy information-sharing environment within the healthcare sector. Beyond the lack of financing in cybersecurity, the healthcare sector lacks technical and human resource capacities to send, receive and use threatrelated information (i.e. indicators of compromises, e-evidence, threat intelligence). Sharing this information is critical to improving resilience and enabling rapid recovery. Best practices garnered from more mature sectors are not implemented at scale in healthcare (e.g. financial sector).
3.2 Data breaches – from theft to cyberespionage The pandemic has been accompanied not only by an acceleration of ransomware attacks against healthcare but also by an increase in healthcare data breaches. According to the US Department of Health and Human Services (HHS), healthcare providers experienced a total of 348 “hacking/IT incident” related data breaches in 2020 – a 39% increase from 2019 – with over 18 million individuals affected (U.S. DoHHS, no date).11 In 2019, the HHS registered 250 such incidents, with 26 million individuals affected (see Figure 7). This trend is also reflected in the identifiable surge of advertised healthcare data on underground criminal markets, where the data is sold for immediate financial gain or as a potential access point for more lucrative victims (Zaidenberg, 2021)