The situation remains quite serious: at the beginning of this year, the LockBit ransomware operation claimed responsibility for a November 2023 cyberattack on Capital Health, a healthcare service provider in New Jersey and parts of Pennsylvania, US. The hackers not only infiltrated the hospital network but also threatened to leak sensitive medical data and negotiation chats.
Although the nature of this very cyberattack remains undisclosed, statistics show that over 50% of ransomware and malware attacks start with phishing. Verizon’s 2023 Data Breach Investigations Repor adds another layer to the narrative, saying that “74% of all breaches include the human element, with people being involved either via error, privilege misuse, use of stolen credentials or social engineering”. The case of Capital Health provides an opportunity to talk about the level of staff preparedness for such social engineering attacks as phishing in a highly vulnerable sector such as healthcare & pharmaceuticals.
The High Stakes of Phishing Attacks in Healthcare
Phishing attacks pose an exceptional threat to healthcare organizations due to the value of patient data they store.
Protected health information (PHI)
has become a highly attractive commodity in the black market, for cybercriminals, bringing a staggering $1,000 for every patient record stolen on the dark web. That is a lot more than the cost of credit card numbers ($5 each), hacked Instagram accounts ($7), and even social security numbers ($1).
In addition to financial gain, cybercriminals with experience in drug trafficking and money laundering eagerly purchase medical records from malicious websites. These records enable them to obtain prescription medications, file false medical claims, or engage in identity theft by opening credit cards and taking out fraudulent loans. Unlike accounts and credit cards that can be quickly canceled, medical records provide a rich resource of valuable and permanent data points.
Although many cybercriminal groups have recently been talking about ethics when it comes to targeting highly vulnerable organizations such as hospitals, they are not going to leave the sector alone, even if the consequences of their attacks could be disastrous for health systems and the well-being of patients, who rely on the healthcare system.
Alarming Phishing Statistics in the Sector: A Wake-Up Call
Despite the fact that healthcare providers and pharmaceutical organizations are that vulnerable to cyberattacks, the Phish-Prone Percentage (PPP) for the sector, as revealed in the Phishing by Industry Benchmarking Report for 2022 and 2023, is concerning. Let’s take a detailed look and first glance at the data.
In 2022 across small organizations (1-249 employees) the healthcare & pharmaceuticals industry ranked 2nd at risk with a PPP of 32.5%. Among mid-sized organizations (250-999 employees), with a PPP of 36.6%, the healthcare & pharmaceuticals is in the 2nd position as well.
In 2023
among small organizations, the healthcare & pharmaceuticals sector (though slightly better than in 2022) claimed the top spot with a PPP of 32.3%. As regards mid-sized organizations, healthcare & pharma moved to the 1st position with a PPP of 35.8%.
These figures highlight the healthcare and pharmaceutical industry’s vulnerability, ranking highest at risk for both small- and medium-sized organizations.
Addressing the Human Factor: Cybersecurity Training is Key
The results of initial baseline phishing security tests held by KnowBe4 emphasize the likelihood of users falling victim to phishing scams without proper cybersecurity awareness. Every organization, regardless of size and vertical, is susceptible to both phishing attempts and social engineering without training and frequent reinforcement. The workforce, in every industry, represents a potential doorway to attackers, irrespective of investments in top-notch security technology.
Apart from utilizing high-quality hardware, regularly updating software, using multi-factor authentication whenever possible, and initiating backups cooperating with trusted vendors, healthcare and pharmaceutical organizations must prioritize staff education to prevent catastrophic damages resulting from a single employee clicking on a malicious link promising them free tickets to a Taylor Swift show. Assessing existing levels of awareness through surveys and planning training opportunities for staff at all levels is paramount. Frontline employees must receive additional information about potential security issues and prevention methods as the security landscape evolves.
Several pieces of research also indicate that messages regarding data breaches, risk management, and cybersecurity values are more thoroughly followed when they come from top management. Establishing direct communication between management and employees regarding security issues fosters a culture of cybersecurity within the organization.
Technical Means: Web Filtering as a Shield
While various technical means exist, finding a high-quality solution that minimizes the probability of human error is critical.
An employee may be well aware that
there is no such thing as a free lunch or a free ticket to the VIP area at their idol’s concert.
However, it is impossible to take into account all factors, such as a person’s emotional state at a particular period of time, which may contribute to them taking a rash step, etc. Therefore, having a tool that prevents employees from making mistakes, even if they click on malicious links, is crucial. In this context,
web filtering emerges as a powerful solution.
With SafeDNS web filtering, malicious links, even the most newly generated ones, will not harm the organization. This additional layer of network protection is able to shield healthcare providers and pharmaceutical organizations from the potentially disastrous consequences of human error.
The rising tide of cyber threats against healthcare organizations demands immediate and comprehensive action. Beyond the implementation of technical solutions, cybersecurity education and awareness must take center stage. Protecting patient data and ensuring the resilience of healthcare systems require a multi-faceted approach, including continuous training of healthcare staff, communication from top management, and even practices leveraging advanced up-to-date technologies like web filtering.
Today when the stakes are higher than ever, the healthcare sector must be well-equipped with all the available tools and strategies against cyber threats. As the saying goes, an ounce of prevention is worth a pound of cure. Let’s prioritize cybersecurity to both protect patients and safeguard the backbone of our communities – the healthcare system.
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About SafeDNS
SafeDNS breathes to make the internet safer for people all over the world with solutions ranging from AI & ML-powered web filtering, cybersecurity to threat intelligence. Moreover, we strive to create the next generation of safer and more affordable web filtering products. Endlessly working to improve our users’ online protection, SafeDNS has also launched an innovative system powered by continuous machine learning and user behavior analytics to detect botnets and malicious websites.
