Healthcare Cyber Threats

Healthcare Cyber Threats

By Dr. Peter Yu

In recent years, the healthcare industry has consistently been the primary target for cyberattacks and cybercriminals. According to recent reports, data breaches cost the industry approximately $5.6 billion every year, and almost 90% of healthcare organizations had experienced a data breach (mostly ransomware attacks) in the past few years. Even with the help of security experts and advanced data protection, many threats still continue to be challenging in the health sector, including:

  • Internet of Things (IoT) or medical devices – More and more medical or wearable devices are now connected to the internet and can collect and transmit data to a remote system. This cloud connectivity brings significant benefits to healthcare likes disease/drug management, remote monitoring, and patient safety improvement. However, if not managed properly, attackers can take advantage of the device and steal protected information. A recent publication also demonstrates that a hacked device or zero-day exploit in a medical device can be used to injure or even kill a patient by using deep-learning to add or remove evidence of medical conditions from volumetric (3D) medical scans. To avoid such attacks, consider enabling two-factor authentication to enhance the authorization check and anti-rollback mechanisms to prevent reverting software or operating systems (OSs) to an older, less secure version.
  • Cloud and ransomware – Compared with the on-premise high up-front costs, cloud-based EHRs provide a more affordable solution. Since cloud-based solutions often don’t require capital investment in new hardware or in-house storage systems and network staff, small, independent, and community hospitals increasingly adopt this IT infrastructure to reduce operating costs. But as data moves to the cloud storage, hackers also shift their focus to the online system because patient information is now stored in a centralized data warehouse. Ransomware and newer attacks also increase as the stakes are higher since more PHI could be potentially breached when the system is compromised. This new trend also forces the service provider to enhance network security, access monitoring, data encryption, and comprehensive data backup strategy to avoid such ransomware attacks.
  • Phishing attacks and social engineering – Social engineering, the art of manipulating, influencing, or deceiving to trick people into making security mistakes or giving up confidential information. We, the human being, are usually the weakest link in the realm of cybersecurity. This has been and will likely remain true. Criminals are using this weakness to attack “us” to obtain passwords, sensitive information, or access to protected data. It doesn’t matter how many locks and deadbolts are on your doors and windows, or if have guard dogs, alarm systems, floodlights, fences with barbed wire, and armed security personnel; if you trust the person at the gate who says he is the pizza delivery guy and you let him in without first checking to see if he is legitimate you are completely exposed to whatever risk he represents [ref].

Here is a video clip as an example of vishing (voice phishing) attacking –

As you can see in the video, a security researcher (Jessica) uses a fake number and a pre-recorded crying baby sound to access others’ online cell phone accounts in less than two minutes. Attackers often use the sense of urgency, curiosity, or fear with social engineering to manipulate the user into responding quickly without considering the security risk.

Also, in today’s world of endless connectivity, email is one of the primary ways we communicate in nearly every environment. Emails are fast, cheap, accessible, and easily allowing people to exchange electronic files, photos, and documents. Since so many people worldwide depend on emails, it becomes one of the primary targets by social engineering attacks. To avoid becoming a victim of an email attack, please check the red flags chart below before replaying any suspicious email-

If you have any healthcare cybersecurity questions, please contact us at