If you had to guess which industry is most targeted by cyber-attackers what would you say? Banks? Credit Unions? Other financial institutions? Guess again.
In 2015, the healthcare industry beat out financial services to become the biggest hacker target, a competition which I’m sure they were thrilled to win.
I realize that I may have just broke your brain, but have no fear – answers are here! Today we’ll go over what makes the healthcare industry such an easy target, why anyone would want to attack it in the first place, as well as a few simple steps we can take to stop this madness.
What Makes The Healthcare Industry So Vulnerable?
Connected devices such as tablets, laptops, and smartphones are one of the key reasons that make the health care industry so susceptible to serious cybersecurity issues. About 70% of all clinicians use mobile devices of some sort to view patient information, and over 41% use them to get clinical data.
Internet-connected medical devices tend to have major vulnerabilities and are highly susceptible to security threats. This is due to a combination of long product lifespans, regulatory oversight, and niche usage.
Why Attack The Healthcare Industry?
Hackers value the information contained in healthcare data, such as social security numbers and home addresses, more than any other type of data. Why? It’s lucrative.
Once this personal information is obtained it can then be sold to third party buyers to be used for anything from marketing campaigns and spam mail to data analysis and identity theft.
How Does a Breach Occur?
As we covered before mobile devices are a large part of the problem, but there are many other issues that occur as well, including:
- Workers using unauthorized cloud-based apps
- Doctors providing workers with their usernames and passwords
- Unlocked storage facilities containing patient information
How Can We Protect Ourselves?
Ransomware, malware, and denial-of-service are the top cyber threats facing healthcare organizations today. Thankfully, there are several steps we can take to help prevent these attacks, including but not limited to:
- Access controls
- Encrypt information
- Train medical staff to detect and avoid phishing attacks in emails
- Backing up data
- Restricting user access
For more great information on protecting patient information please take a look at the infographic below, courtesy of the awesome folks at UIC.
Interested in making health informatics a career? Be sure to check out UIC’s Online Health Informatics Degree for an accredited organization you can trust!