Healthcare providers are grappling with a series of interconnected challenges that are reshaping the delivery of care. The pursuit of equitable access to healthcare is more crucial than ever, yet it faces significant obstacles due to persistent staff shortages, constrained budgets and evolving cyber threats.
In June 2024, the NHS confronted one of its most severe cyber crises to date after Synnovis, a leading pathology testing provider, fell victim to a ransomware attack.
Claimed by the Qilin ransomware group, the breach reportedly exposed data covering some 300 million patient interactions, including highly sensitive blood test results for conditions such as HIV and cancer. The attackers used the stolen data as leverage for a ransom reported at around £40 million. The attack itself, rather than the demand, caused the operational damage: with pathology systems offline, more than 3,000 outpatient appointments and elective procedures were postponed across King’s College Hospital and Guy’s and St Thomas’ trusts in the weeks that followed.
It’s not the first time that the NHS has suffered at the hands of cybercriminals.
In August 2022, a breach at a healthcare IT service provider – Advanced – led to the theft of personal data for around 83,000 individuals, including phone numbers and medical records. The stolen data included details of how to gain physical access to the homes of 890 people receiving care. And in May 2017, the WannaCry ransomware attack, which spread through an unpatched Windows SMB flaw on legacy systems, disrupted NHS operations at at least 80 of the 236 hospital trusts and 595 GP practices across England.
What makes healthcare providers so attractive to cybercriminals?
Several characteristics of the healthcare sector make it unusually attractive to threat actors. According to the World Economic Forum, 14.2% of all attacks on critical infrastructure now target healthcare.
Critically, providers hold enormous volumes of sensitive data. Unlike a password or card number, a diagnosis or test result cannot be changed once it leaks, so stolen medical data gives financially motivated attackers lasting leverage over patients and healthcare organisations alike.
Cybercriminals also understand the damage they can inflict by targeting availability. Many clinical systems must run every hour of every day, and an outage can have life-or-death consequences. That pressure to restore service quickly is exactly the leverage a ransomware operator counts on when demanding payment, which makes security in this sector exceptionally important.
Unfortunately, organisations like the NHS face significant constraints in their capacity to tackle cybercrime due to limited resources. The NHS depends on public funding, which can only stretch so far, and it has consequently grappled with IT challenges for years. A recent British Medical Association report estimated that inadequate IT costs the NHS 13.5 million working hours a year, the equivalent of 8,000 full-time doctors.
This is a serious problem. Outdated IT infrastructure does not just impede productivity; it also leaves critical gaps in cybersecurity defences. Systems that can no longer be patched, or that run software past its support date, are exactly what WannaCry exploited in 2017.
The situation is further complicated by the size and churn of the NHS workforce. With a sprawling digital ecosystem involving patients, healthcare professionals and external partners, maintaining secure access to confidential data is a formidable task. In 2020, the NHS itself underscored the scale of this challenge, revealing that NHSmail required 64,000 user account updates each month across over 13,000 health and care organisations in England and Scotland. Every one of those joiners, movers and leavers is an opportunity for a stale or over-privileged account to persist.
The NHS is also limited in how demanding its security measures can be. Its primary responsibility is the care and safety of its patients, a priority that must not be undermined by extensive or overly complicated security protocols. For example, it cannot demand that all appointments be booked via a patient portal requiring multi-factor authentication, because doing so could hinder less technologically confident patients from accessing crucial services. The strongest controls therefore have to sit on staff accounts and back-end systems, where some friction can be tolerated, rather than on patient-facing channels.
Core strategies for improved cyber resilience in healthcare
Given the particular weaknesses healthcare organisations face, and the escalating efforts of cybercriminals to exploit them, it is imperative that providers strengthen their security posture as a priority. Doing so is essential to fend off the rising tide of attacks, protect sensitive patient data and sustain the integrity of healthcare services.
While achieving this can be challenging, particularly with limited budgets and resources, there are several areas where the NHS and other healthcare providers can strategically focus their efforts.
First and foremost, healthcare providers should align with established standards and frameworks such as the UK GDPR, the NIST Cybersecurity Framework and the NIS Regulations (NIS2 in the EU), which set out baseline expectations for security fundamentals. Compliance is a floor rather than a ceiling: a provider can pass an audit and still be vulnerable, so these frameworks should be treated as a starting point, not a finishing line.
Providers should also establish clearly defined incident response playbooks that set out the actions, owners and decision points at each stage of an attack, from detection and containment through eradication, recovery and communication. Playbooks for healthcare should include the manual fallbacks for clinical workflows that staff will need when systems are offline. With these in place, organisations can respond to breaches swiftly and precisely, with clearly assigned responsibilities guiding a coordinated response in critical situations.
That said, in a rapidly evolving threat landscape these processes and playbooks need to be reviewed, updated and exercised on a continuous basis. A tabletop exercise that walks clinical and IT staff through a ransomware scenario will expose gaps that a document review never will.
An effective security strategy today may be rendered inadequate by emerging threats or vulnerabilities tomorrow. Healthcare providers should therefore work with cybersecurity experts to conduct regular vulnerability scans and penetration tests, prioritising findings by internet exposure and clinical impact. Scans only find known weaknesses, so they must be paired with a disciplined patching cadence if the gaps they reveal are to be closed rather than merely catalogued.
In addition to all these efforts, healthcare providers must not overlook the value of education and training. By some estimates, roughly nine in 10 cyberattacks begin with phishing, as criminals attempt to deceive individuals into divulging sensitive information or login credentials.
Combatting these attempts is vital. Staff need the knowledge, awareness and tools to recognise and report such attacks, and, just as importantly, staff accounts need multi-factor authentication so that a single phished password is not enough to get in.
With the right combination of measures that meet compliance requirements and strengthen defences on an ongoing basis, healthcare providers can improve their ability to sustain continuous, secure patient care in the face of persistent cyber challenges.
The foundation of success lies in mastering fundamental cybersecurity practices and building robust defences that can adapt to evolving threats.