Cybercriminals accelerated their targeting of hospitals and other health care facilities as 2020 neared its end.
Such attacks on health care facilities around the world rose by 45% in just two months, according to a new study by leading cybersecurity firm Check Point Software Technologies.
This is more than double the general increase seen across other industries worldwide, the report showed.
With health care systems overburdened by the COVID-19 pandemic, it is clear that cyberthreat actors are taking advantage of the commotion for quick strikes.
This is particularly worrisome for decision makers and health care professionals as they simultaneously deal with the high pressure the novel coronavirus places on their institutions.
No health care professional or administrator wants to be hit by “threat actors” that could delay treatment and endanger a patient’s life, or lose records and compromise medical privacy.
The attacks are not isolated.
Canadian health care facilities have been targeted such that cases jumped by over 250% in the past two months, while Germany showed a 220% increase over the same period.
Central Europe was the hardest hit region, with a 145% rise in attacks, while East Asia reported an increase of 137% and Latin America an increase of 112%.
In the US, health care facilities have experienced an increase in sustained cyberattacks, according to an October 28 Joint Cybersecurity Advisory released by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation, and the Department of Health and Human Services (HHS).
According to that report, “the CISA, FBI and HHS have credible information of an increased and imminent cybercrime threat to US hospitals and health care providers.”
Criminals are working their cyberattacks like any business does, looking for ways to make money and taking advantage of others’ weaknesses or their own strengths
The same is true in Israel. Dramatic increases in cyberthreats to the country’s health care structure reflect the new reality.
“We see attacks all the time. There is a drastic increase in cyberthreats to our hospital,” Shimi Ben Baruch, chief technology officer at Shaare Zedek Medical Center in Jerusalem, told The Media Line.
To deal with this, Ben Baruch says the hospital is taking pre-emptive steps, as well as reactive ones.
“We are working to educate our staff with bulletins and study sessions. We also conduct three cyber exercises for the management annually and are changing our operations to combat cyberattacks,” he said.
According to Ben Baruch, hospital management is taking the subject very seriously. The outlay of funds from the hospital’s budget for cyberthreats, he said, was increased by far more than 100% for the 2020-2021 budget.
Israel’s health ministry, in response to a question from The Media Line, said in a statement: “The health ministry works continuously together with health care organizations to prevent incidents in the cybernetic space and to deal with them.”
To fight such threats, the ministry operates the National Center for Preparedness and Management of Cyber Threats in the Health Sector.
“The National Cyber Center deals with cyberthreats and challenges whose goal is to try to cause data leaks and to damage information assets,” the ministry said. “This work is carried out continuously and in concert with health care organizations, to prevent such incidents in cyberspace and to deal with them.”
“All this is done under the guidance and in coordination with the National Cyber Directorate, to create the best possible defense package for Israel’s health care organizations,” according to the ministry.
Cybercriminals are generally in it for the money, experts say. Ransomware attacks, where a computer system and its data are held hostage in exchange for payment, are the most pervasive type against hospitals and health care institutions.
“Criminals are working their cyberattacks like any business does, looking for ways to make money and taking advantage of others’ weaknesses or their own strengths,” cybersecurity expert Dr. Gabi Siboni told The Media Line.
Their motivation is money. They access health care data only for the financial benefits selling the data nets them, Siboni said.
“Hospitals might think their data is more sensitive because of privacy laws and what the data shows about individuals in their care. But it really is not,” he said.
Cyberthreats, whether to banking or health care or to other sector across the board, exist for one reason only: to make money, Siboni added. “Around the world, it is what business is all about,” he said.
However, Prof. Isaac Ben Israel, director of Tel Aviv University’s Blavatnik Interdisciplinary Cyber Research Center, argues that things are not so black and white.
Many cyberattacks, he said, are about disruption of systems, networks and infrastructure. Such attacks are “soft power” disturbances countries wield against one another without having to initiate open warfare.
“Countries can also ask for money, thereby turning the attack into something that hurts economic infrastructure. Think about this as a deception: a group demanding money can actually be a sovereign state camouflaged,” Ben Israel told The Media Line.
As long as the pandemic rages, cyberthreat actors will be on the top of their game, seeking new ways to operate their businesses, exploit their competitive advantages and accrue more capital.