Healthcare services are fundamental and essential to society in the promotion and maintenance of health, management and prevention of diseases, reduction of unnecessary disability and premature death, and in the achievement of health equity. In most nations, healthcare is considered a human right and should be available whenever needed. The lack of healthcare services increases the human risk of exposure to diseases, malnutrition, and pregnancy complications whenever there is no proper help and support (Razaque et al., 2019). The current technological age and advancement have seen healthcare adopt some of the technologies to enhance its services to patients in health for humanity. According to Lee & Jackson (2018), healthcare has adopted some technologies such as Chatbots, voice search, blockchain systems, telemedicine, 5G technology, electronic health records (EHR), virtual or augmented reality, and wearable technologies. Technology has affected healthcare just as much as it affects every other life aspects. Today, technological advancement has made data collection, conducting research, and developing several treatment options in healthcare a potential driver of healthcare success. Medical experts have used technology to create monitoring devices such as digital thermometers, wireless sensor technologies, blood glucose indicators, and heart rate monitors. However, just like any other industry using some form of technology, healthcare faces the threat of cyber-attacks. Healthcare administrators have to deal with such attacks to ensure they protect patients and their caregivers from any form of attack.
The Problem of Cyber-Attacks in Healthcare
The healthcare sector and its personnel often focus on offering life-critical services to enhance treatment and patient care with new technologies. Cybercriminals see healthcare as an easy target with weak defenses and an easy way to make money using medical data from electronic healthcare technology. They exploit the vulnerabilities of the healthcare systems that come with the usage of new technologies. The cybercriminals have higher incentives for medical databases than for regular personally identifiable information (PII) because either Personal health information PHI is more valuable in the black market than the PII or credit card credentials (Dogaru & Dumitrache, 2017). Cyber-attacks are a significant frustration to healthcare information technology (IT) and cybersecurity specialists. Cyber-attacks are not unique to the healthcare industry and affect other critical infrastructure sectors such as water and electricity. The healthcare sector's nature and mission present distinct challenges with possible ramifications such as loss of human life, which are much beyond financial loss and privacy breach violation due to cyber-attacks. The increase in connectivity of the existing computer networks exposes medical devices to cybersecurity vulnerabilities. Cybersecurity breaches in healthcare are a threat to human life; they reduce patient trust and cripple healthcare systems (Tan, 2020).
Delegate your assignment to our experts and they will do the rest.
Types of Cyber-Attacks in Healthcare
The healthcare sector faces many cyber-related issues that could be malware, which compromises the systems integrity and patient privacy or distributed denial of service attacks (DDoS), which adversely limit and interfere with the healthcare facilities’ ability to provide quality patient care.
Ransomware
There has been an increase in the number of hospitals that report cyber victimization. The MS-ISAC and the National Health Information Sharing and Analysis Centre (NH-ISAC), together with Financial Services Information Sharing and Analysis Centre (FS-ISAC), have acknowledged the increasing trend of ransomware attacks against the healthcare sector. Ransomware attacks infect files and systems and make them inaccessible to the appropriate healthcare personnel until payment of a ransom is complete. Ransomware attacks slow down critical healthcare processes and, in other cases, make them completely inoperable. In the event of ransomware attacks, hospitals are compelled to resort to using the pen and paper systems, with the attacks slowing medical processes and soaking up critical funds that would otherwise help modernize the hospital. Deployment of ransomware is through phishing emails with malicious attachments, attempts to click on the malicious links, or viewing advertisements containing malware (malvertising). Cybersecurity has a challenge keeping up with such ransomware attacks due to the techniques, ever-evolving tactics and variants, and TTP procedures. The ease of launching such ransomware attacks by anyone with little or no technical skills due to platforms like service [i] (RaaS) further complicates the issue in healthcare (Dogaru & Dumitrache, 2017).
There number of cyber-attacks on the United States (U.S.) hospitals has been on the rise, with the federal bureaus of investigation (FBI) warning of coordinated criminal attacks on the nation’s healthcare system as existing (Associated Press, 2020). The attackers focus on infecting healthcare system networks with ransomware and charge higher-than-usual fees for its removal. The increased and imminent threat of cyber-attacks on healthcare systems raised by the Department of Health and Human Services (DHHS) has been evident in previous attacks. In October 2020 alone, five U.S hospitals were hit with the attackers, according to the FBI planning to target 400 more hospitals before the year ends. The University of Vermont Health Network confirmed such network symptoms similar to past cyber-attacks. The St. Lawrence Health Systems of New York and the Sky Medical Centre of Oregon were confirmed to have been attacked (Associated Press, 2020). The present cyber-attacks have been confirmed to be mostly for-profit, and not nation-state backed. Recently cyber attackers have used Trickbot Trojan in delivering the Ryuk malware to the systems of their intended targets. The Trickbot targets Windows-based systems to knock off their network system’s servers.
Multiple hospitals across the U.S, such as the Hollywood Presbyterian Hospital of California, have been victims of ransomware attacks; in their case, paid $17,000 to regain access to their network systems and files (Ibarra et al., 2019). These hospitals have suffered such ransomware attacks outdated JBoss [ii] server software. The attackers uploaded the malware into the out-of-date server without the need for interaction from the victims. These attacks cause massive delays in patient care and put tremendous pressure on hospital administrators to get immediate remedies, which leads to attackers demanding higher fees for regaining access. Healthcare firms have to train users on recognition, avoidance, and reporting of phishing attackers. The informed users will apply sufficient skepticism on emails that pressure them n clicking links or sharing personal information since the users are often the first line of defense against many attacks.
Hospitals need to use multiple filtering layers, detection, encryption, and monitoring of the cyberspace to prevent any likely breaches and mitigate any exposure in the event of a breach. Additionally, using the principle of privilege in granting access to sensitive healthcare information and account capabilities can significantly reduce the risk of cyber-attacks. The use of such security measures such as two-factor authentication (2-FAC) minimizes the harm that comes with phishing by requiring an extra step in authentication (Lee & Jackson, 2018). It's notable that the success of prevention measures of cyber-attacks, even if it’s a single attack prevented, is much beneficial compared to any security implementation and inconvenience costs.
Data Breaches
Data breaches happen routinely in the healthcare sector attacks through individuals receiving email notifications of the infringement. The notification assures the user of free years of credit and identity monitoring. Notably, the healthcare sector has experienced more data breaches than any other industry in 2020 (Associated Press, 2020). Data breach attacks come from credential-stealing malware, insiders deliberately or accidentally disclosing patient data, or lost laptops/ technological devices. Tan (2020) reports the compromise of over 15 million health records in the U.S. from 2019-2020.
Distributed denial of Service attacks (DDoS attacks)
Hacktivists and cybercriminals commonly use the DDoS tactic, technique, and procedure (TTP) to overwhelm the healthcare systems to the point of inoperability. The DDoS attack is conducted by flooding a healthcare network with excessive traffic much more than communicates typically or handle. The attack involves overwhelming the network system that, in turn, denies access to the authorized healthcare providers, thus significantly limiting the usage of the network in providing proper patient care. The DDoS attacks could be accidental or opportunistic and target victims for either ideological, social, financial, or political reasons, particularly relating to cases that anger cyber threat actors. For example, the 2014 DDoS attack on Boston Children’s hospital was conducted by a known Hacktivists group after disagreeing with admission recommendations for one of the patients (Cabello et al., 2020).
Insider Threats
Insider threats are a dangerous risk to healthcare organizations because of the legitimate access to proprietary systems that these insiders have. Therefore, insiders can evade traditional physical security measures and intrusion detection devices (Ravi & Nair, 2019). The problem of insider threats is further compounded by the preoccupation of many healthcare organizations with keeping the firm's integrity and keeping at bay external attackers while failing to prevent the real and dangerous risk of internal threats. Insider threats could emanate from careless employees or deliberate malice-motivated actions. Insider threats come from unknowingly clicking malicious links that compromise the network, giving away codes, intentionally selling PII and PHI for profit, or losing work devices that contain sensitive data.
Business Email Compromise and Fraud Scams
According to Associated Press (2020), the FBI refers to business email compromise as the “Billion Dollar Scam” since the scammers use spoofed emails and or compromised accounts to trick employees into initiating money transfers to fraudulent accounts. The scammers often pretend to persons of authority with the health organizations such as the CFO or CEO and trick employees by mimicking these roles of authority. Healthcare organizations need to conscious of the scam as it leads to loss of PHI, PII, and goods such as prescription drugs.
The Solution to Cyber-Attacks in Healthcare
The current prevalence of cyber-attacks is unlikely to stop even as the healthcare industry adopts more technology and internet based services, particularly prompted by the current Covid-19 pandemic. It’s notable that even before the pandemic, the healthcare systems across the globe are in their way adopting or considering adopting cutting–edge technologies and the latest internet-based methods in enhancing their delivery of healthcare services. The cyber-attacks lead to health care providers going back to manual techniques of pen and paper and often lead to backlogs of laboratory work that pose a health risk to the patient, especially those who need urgent treatment or care. Thus, the hospitals and other healthcare agencies need to undertake the time and reasonable precautionary measures to prevent cyber-attacks or, to the least, nullify them at their first sign (Razaque et al., 2019). One of the foundational solutions and preventive measures of these cyber-attacks is having the hardware and software patches up to date and ensuring regular antivirus or anti-malware scans to detect and deal with any network system anomaly. Healthcare organizations should always be mindful of the current cybersecurity threats, detect cyber-attack vulnerabilities, and implement measures to close any potential attack vectors.
Healthcare organizations must prepare for ransomware attacks and understand that these attacks are highly devastating. The attacks should be stopped by blocking cybercriminals any access to systems and files. Using MS-ISAC’s primer on ransomware outlines, healthcare organizations should heighten their defenses through securing the systems, networks, and the end-users (Spanakis et al., 2020). Ways of heightening this securing include implementing the right email filtering, always having up to date antivirus, keeping up to date back-ups, and storing them offline. These steps will harden the health organizations’ threat of ransomware attacks. The healthcare services providers should also study and get their IT employees or people that handle/interact with their network systems to understand the current RaaS (Ransomware as a service) and JBoss Server to help them prevent suck cyber-attacks.
Healthcare organizations can use tools such as the Onion Router (TOR) to ensure their privacy and cybersecurity as they interact with the internet in their day-to-day activities. The primary objectives of the cybersecurity countermeasures should be to secure the integrity and confidentiality and ensure healthcare data and information systems' availability to the authorized personnel. To prevent data breaches, health organizations need to implement proper application and network security that stop system compromises. The firms can achieve that by encrypting patient data and limiting its accessibility even when the attacker has access to the system. The encryption implementation should be both at rest and in transit with accessibility to vendors and third parties who have access to the databases or healthcare network undergoing thorough training on handling patient data. Training of all responsible persons on the right/proper usage of PHI significantly reduces employee-error related data breaches (Lee & Jackson, 2018).
DDoS attacks are challenging to prevent or even stop because of the simplicity in which these attacks can be launched. However, healthcare organizations should endeavor to understand the attacks for proper mitigation strategies. The guidance to DDoS attacks provided by the MS-ISAC can help provide various definitions of the varying types of attacks for both reflection and standard DDoS attacks (Dogaru & Dumitrache, 2017). Following the MS-ISAC recommendations of keeping effective partnerships with the organization’s network service providers and collaboration/partnership with DDoS mitigation services’ firms can help avoid and effectively handle such DDoS attacks when they happen.
Healthcare organizations should use other insiders in the detection of any inside threats. Such can be achieved by training all healthcare organization employees or networks used to recognize and report insider threats and prevent such threats from materializing. When it comes to the “Billion Dollar Scam,” the finance department personnel are at the forefront of containing such attacks. The health organization should help increase awareness among all employees, particularly for finance, procurement, or accounting departments, to understand how the scam works to help implement best prevention methods. The healthcare firms could consider implanting precautionary approval steps or holding money transfer requests to very legitimacy. Ravi & Nair (2019) note that the key signs to detect such fraud are sudden changes in standard business practices, for instance, addresses (both virtual and physical).
Conclusion
The value of healthcare systems, facilities, and personnel to humanity globally is undeniable. Healthcare plays a vital role in ensuring safe and longer human life besides dealing with the day to day healthcare issues that humans face. Similarly, the current technological advancements and digital opportunities simplify users' lives, and the current healthcare is evolving increasing towards digitalization. Technology-based healthcare delivery is an excellent opportunity for human progress. However, it exposes the healthcare entities or organizations to multiple digital and non-digital threats, which could compromise patients' safety and the medical processes. Cybercriminals mostly target the EHR, which is among the most critical assets with great value in the black market. The only feasible way to run things currently is to prevent or stop cyber-attacks on the healthcare system due to their devastating effects. Some cyber-attacks on healthcare systems include ransomware attacks, data breaches, business email compromise, fraud Scams, DDoS attacks, and insider threats. Security and privacy in smart health will continue to be a concern and priority of e the healthcare providers and a more reason for protecting healthcare systems against cyber-attacks. Smart homes and healthcare's popularity will continue even as care is taken to thwart and neutralize any cyber-attacks.
References
Cabello, J. C., Karimipour, H., Jahromi, A. N., Dehghantanha, A., & Parizi, R. M. (2020). Big-data and cyber-physical systems in healthcare: challenges and opportunities. Big Data Privacy , 255-283.https://doi.org/10.1007/978-3-030-38557-6_12.
Dogaru, D. I., & Dumitrache, I. (2017). Cybersecurity in healthcare networks. E-Health and Bioengineering Conference (EHB) , 414-417.https://hdl.handle.net/10356/143676.
Ibarra, J., Jahankhani, H., & Kendzierskyj, S. (2019). Cyber-physical attacks and the value of healthcare data: facing an era of cyber extortion and organized crime. Blockchain and Clinical Trial , 115-137.https://doi.org/10.1007/978-3-030-11289-9_5.
Lee, D., & Jackson, J. (2018). Protecting against cybersecurity threats. Healthcare Financial Management, 72(9) , 24-26.
Ravi, A. R., & Nair, R. R. (2019). Cybersecurity threats and solutions in the current e-healthcare environment: A situational analysis. Medico-Legal Update, 19(2) , 141-144.
Razaque, A. F., Hariri, S., Chen, S., Siting, C., & Ji, X. (2019). Survey: Cybersecurity vulnerabilities, attacks, and solutions in the medical domain. IEEE Access, 7 , 168-174.https://doi.org/10.1109/ACCESS.2019.2950849.
Spanakis, E. G., Bonomi, S., Sfakianakis, S., Santucci, G., Lenti, S., Mara Sorella, F. D., et al. (2020). Cyber-attacks and threats for healthcare–a multi-layer thread analysis. 42nd Annual International Conference of the IEEE Engineering in Medicine & Biology Society (EMBC) , 5705-5708.https://doi.org/10.1109/EMBC44109.2020.9176698.
Tan, E. E. (2020). Cyber-attacks on healthcare systems: infrastructure protection critical. RSIS Commentaries , 103-120.https://doi.org/10.1109/EHB.2017.7995449.