In recent times, hackers are looking for innovative ways to infiltrate through covered networks. With digitization of healthcare industry comes challenges to secure patient information. But the change has brought speed, efficiency, and effectiveness to treat patients and prevent diseases. The scenario is also boon for hackers. All the sensitive data is now present on the server which can be hacked.
According to the reports, the healthcare industry was the most targeted sector for cyber attacks in 2015. Cyber
attacks have compromised over 100 million medical records. Attack on Anthem’s network resulted into 70% of all compromised records.
According to the CEO of Vigitrust, Mathieu Gorge, “The first thing to consider is the actual value of the patient data, so if you go to a hospital or to your GP, data that is held about you has a lot of value to you and we need to protect the confidentiality and integrity of that.”
The reason behind the cyber attacks on healthcare are on the rise due to following reasons
Sensitive Personal Information
Electronic Health Records (EHRs) is being used frequently in the healthcare industry. The availability of information lures hackers to get ransom for sensitive information. Sometime attack lock medical histories, psychological profiles, and family connections to billing data and addresses. Hackers can then demand money to unlock affected information.
Hackers can also indulge in activities like insurance fraud, identity theft, and extorting victims. The most shocking fact of the medical information is that it can be used number of times unlike credit cards which can be blocked immediately. Also, healthcare data is extremely valuable in the black market.
Taking advantage of Intellectual Property
Considering R& D department of big companies, there is possibility of cyber attack to gain access to intellectual property. Due to competitive market, the price of intellectual property sky rockets in the grey market.
Lack of Awareness
Recent trends show that the healthcare industry is undergoing fast transition towards digitization. IT is migrating health records to digital and using new storage and processing techniques to analyze patient data. But the pace with which data is translated is not reflected into security aspects. One needs to keep security process intact to safeguard data.
Human Resources
There is a lack of security professionals in the healthcare industry. Many who are working in the industry don’t have enough knowledge to handle sophisticated cyber attack.
Innovation in Attack
Below are the few examples where hackers have gone beyond the conventional attack. Example includes – remotely modifying the dosage rates of an insulin pump and manipulation of baby monitors.
To safeguard data, Gorge suggest that, “The first thing to do, if you are an entity that has access to health records, is to make sure you have a data classification policy. This allows you to do an inventory of your data: The structured data, the unstructured data, that you hold yourself, and the data that you might need to access that might be held by another entity.”
Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.