Cyber attacks on healthcare facilities

Healthcare organizations rely on a vast network of connected devices to deliver essential services. The sheer volume and variety of parties involved in the production or circulation of healthcare data adds an extra layer of complexity when it comes to maintaining cybersecurity – from clinicians to technical experts to patients. While this is understandable given their lack of cybersecurity expertise, security considerations demand that healthcare institutes remain vigilant to potential attacks that could put patient information at risk.

With over 3,000 healthcare establishments in France, cybercriminals have a wide choice of potential targets. Between healthcare data thefts, ransomware demands and an increase in cyberattacks, 2022 has been an eventful year for the healthcare sector. Let’s take a look at cyber attacks and their impact on healthcare establishments.

Key figures

Medical records are proving to be a valuable commodity on the digital black market – selling for 2.5 times more than other documents at an average of 350 euros each. Cybercriminals see them as goldmines, filled with sensitive personal information, including biometric data and bank details – making them incredibly attractive targets.

Healthcare organizations have long been subject to relentless cyber attacks, as medical data remains a particularly attractive target for malicious actors. For years now, these companies and institutions have had to stay one step ahead of the latest threats in order to preserve the security of their sensitive information.

In 2020, hospitals enjoyed some respite from the COVID epidemic. But since 2021, cyberattacks have picked up again, reaching 733 compared with 392 in 2020.

To date, the number of computer attacks targeting hospitals and healthcare establishments in France in 2022 is still unknown. However, the French national authority for information systems security and defense (Anssi) says the trend is set to continue. This year, the frequency of serious incidents in French healthcare establishments is estimated at more than one per week.

What are the most common cyber attacks on hospital IT systems?

The healthcare sector is plagued by a myriad of cybersecurity issues. These problems range from malware that compromises system integrity and patient confidentiality, to distributed denial of service (DDoS) attacks that disrupt facilities’ ability to deliver patient care.

1. Ransomware

As a rule, ransomware infects machines in one of three ways:

• via phishing e-mails containing malicious attachments
• via a user clicking on a malicious link
• viewing advertising containing malware (malvertising)

Ever-changing variants and tactics, techniques and procedures (TTPs) complicate the task of security experts. What’s more, platforms such as “ransomware as a service” (RaaS) make it easy for anyone with little or no technical skills to launch ransomware attacks.

2. Data breaches

Infringements are widely observed in the healthcare sector. These can be caused by many different types of incident, including malware stealing credentials, an insider deliberately or accidentally disclosing patient data, or the loss of laptops or other devices.

3. DDoS attacks

Distributed denial of service (DDoS) attacks are a popular tactic, technique and procedure used by cybercriminals to overwhelm a network to the point of rendering it inoperable. This can pose a serious problem for healthcare providers who need access to the network to provide appropriate patient care, or who need Internet access to send and receive e-mails, prescriptions, records and information.

Why are hackers increasingly targeting hospitals?

In the past, cybercriminals didn’t dare attack hospitals.

Hospitals are frequent targets for hackers for a number of reasons. Firstly, hospitals often have less robust IT security systems than other businesses, making them more vulnerable to cyberattacks. Secondly, patients’ medical data is highly valuable and can be resold for fraudulent purposes. Finally, attacks on hospitals can have serious consequences for patients, which can give hackers a psychological advantage.

Consequences of cyber attacks

The consequences of a cyber-attack on a hospital can be severe and life-threatening. Some possible consequences include:

• Service interruptions: the attack can lead to disruption of hospital IT systems, which can affect care processes, communication between healthcare professionals and patients, and access to medical records.
• Medical equipment failure: cyber attacks can disrupt the operation of medical equipment, such as scanners, vitality monitors and health management systems, putting patients at risk.
• Ransomware: hackers can use ransomware to lock hospital data and systems and demand a ransom to unlock them. This can lead to processing delays and management problems.
• Theft of personal data: cybercriminals can steal personal data, such as names, addresses, social security numbers and patient medical information, and use it for malicious purposes. This can cause financial and emotional damage to those involved.
• Loss of trust: cyber attacks can also have an impact on a hospital’s reputation and patients’ trust in the care it provides. People may be less inclined to trust the hospital and use its services.

Even if healthcare establishments don’t pay the ransom demanded by cybercriminals, the costs are considerable. Between lost data, time spent processing medical records manually, and slowed patient management, medical staff have to devote an enormous amount of time to keeping the facility running.

Is the healthcare sector lagging behind in terms of cybersecurity?

In a hospital, many systems are connected. However, this equipment is often managed by obsolete computer systems such as Windows XP, and some systems even date back to 1998 or 2000. Nursing staff also need to be trained. Despite all the security systems installed, if a nurse clicks on a fraudulent e-mail, they become useless.

What needs to be done to improve the cybersecurity of these critical infrastructures?

Clearly, the priority is to facilitate the modernization of hospital IT systems. The use of email filtering software is also a solution to combat cyber-attacks. Large healthcare establishments can also hire a specialist in cybercrime, which represents a certain cost that is difficult to envisage for a small hospital. 

What is the government doing or has done to protect them?

To combat this phenomenon, the French government has announced a 25 million euro cybersecurity budget for healthcare establishments for 2021 and 2022.

This security plan concerns 950 establishments, including 150 hospitals. The 20 million euros “will almost double the number of healthcare establishments benefiting from this security pathway, which will immunize them against this type of attack”, said Jean-Noël Barrot, Minister Delegate for the Digital Transition. The aid will enable “audits” to be carried out, followed by “technological and human support”. 

Hospital? Clinical? Laboratory? Healthcare company? If you too would like to protect your mailbox, or find out more about Altospam’s email protection solution, request a test or contact us.