top of page

Recent Attacks Show the Importance of Cybersecurity in Healthcare


two doctors looking at tablets, healthcare cybersecurity

Cybersecurity concerns have been growing in importance over recent years as cyber threats and attacks become more and more prevalent. Cyber criminals do not limit their targets to certain industries or business sizes, though small businesses may have a harder time combating them with less resources. One significant target of these attacks recently has been the healthcare industry, one that contains millions of patient records and valuable data. According to the HHS Office for Civil Rights (OCR), there has been a 93% increase in large breaches reported to them from 2018 to 2022, with a 278% increase in large breaches involving ransomware.


A large ransomware attack in February targeted UnitedHealth Group’s Change Healthcare, affecting hospitals all across the U.S. This breach brought a halt to the cash flow of many organizations and potentially exposed the data of millions of patients, in addition to costing the company billions of dollars. Keep reading to learn more as we highlight the importance of effective cybersecurity in healthcare. 



Cyber attack on Change Healthcare affects millions

This past February, Change Healthcare was affected by a cyber attack from BlackCat ransomware actors that considerably impeded the U.S. healthcare system. The recovery process is still ongoing, with many healthcare providers and organizations feeling the impact of this unfortunate incident. An American Medical Association survey showed that over 50% of physicians had to utilize their personal savings due to the financial strain of the unavailability of the Change Healthcare systems. 


How this attack was able to occur remained to be the biggest question following it. This occurrence brings to light the crucial nature of effective cybersecurity efforts in every aspect and operation of healthcare. Though the attack is still being investigated, it was revealed that the attackers accessed a Change Healthcare Citrix portal using compromised credentials where they were able to deploy the ransomware. This portal did not have multi-factor authentication enabled, an oversight that shows the vital importance of such a tool. The simple requirement of a one-time-use code or additional authentication could mitigate cyber attacks greatly. 


The significance of third-party risk management is also brought to attention. The majority of the top ten largest healthcare data breaches reported in 2022 and 2023 originated from third-party vendors. Having effective strategies to protect systems and sensitive data in third-party healthcare companies like Change Healthcare is crucial in events like this one.



How can healthcare organizations mitigate cyber attacks?

The Change Healthcare ransomware attack further highlights the importance of cybersecurity measures in the healthcare industry. One misstep can affect millions of individuals and hordes of sensitive information that brings great financial impacts to companies’ doorstep. Let’s look at a few things that these healthcare organizations can do:


  • Set up clear core practices: It is important for every individual in every healthcare operation to understand a set of practices established by an organization in order to protect systems and data. These may include making sure systems are regularly up-to-date, patching any vulnerabilities that are exposed to the internet, consistent testing of backups and assets, and implementing multi-factor authentication at all levels. 


  • Identify risky connections: When healthcare organizations utilize other companies in their operations, there is a potential for risk. If these third-parties have full bidirectional network connectivity, there should be strategies set in place to protect that connection so that there is a better chance of detecting and fighting against a breach.


  • Always share information about an attack: Should a cyber attack occur, it is important for healthcare organizations to report it as soon as possible. Change Healthcare had not reported information on what had occurred for six days, which can jeopardize the entire ecosystem. By sharing known technical details about the attack, other organizations will be able to protect their systems more effectively to ensure the event does not repeat. 



The recent attack against Change Healthcare shook the entire industry across the U.S. and brought the topic of cybersecurity back to the forefront of everyone’s mind. Sticking to best practices in terms of protecting sensitive data and operational systems can help make sure that an attack on this scale can be detected and prevented before significant impacts occur.





Sources:


Comentarios


bottom of page