On November 23, 2022, when the All India Institute Of Medical Science (AIIMS) institute’s entire data security structure explosed to a ransomware cyber attack initiated by Chinese hackers, it set alarm bells ringing for precautions to protect hospitals from malware, phishing, ransomware, and malicious cyber activities. According to reports, the attack could have exposed around 40 million patient data. It was disclosed the fact that healthcare sector was the most targeted sectors in India by cyber threats, even as worldwide cyberattacks increased by 38% in 2022 in comparison to 2021.
Check Point Research (CPR) reveals that these cyberattacks are driven by smaller, more agile hackers, and ransomware gangs. “Hackers like to target hospitals because they perceive them as short on cyber security resources, with smaller hospitals particularly vulnerable, as they are underfunded and understaffed to handle a sophisticated cyberattack,” said Omer Dembinsky, Data Group Manager at Check Point Software. “As technology advances, the healthcare industry is becoming lucrative to hackers as they aim to retrieve health insurance information, medical record numbers, and social security numbers with direct threats from ransomware gangs to patients demanding payment under threats of having patient information,” he added further.
Technology advancement is not only a “boon” for the world but also a bane for industries in many ways. The healthcare industry is no exception; cybersecurity is taking advantage of patient data. Healthcare Databreach Statistics 2023 In India reveal that 30% of all significant data occur in hospitals, and 51% of hospitals reported a surge in data breaches since 2019. As hospitals become susceptible to online attacks, they must spend on cybersecurity to keep patients’ data and information at bay. Every healthcare organisation should implement proactive strategies to protect hospitals against cyberattacks.
Table of Contents
Invest In Cybersecurity Systems
According to a healthcare industry report, the global healthcare industry will likely spend $125 billion on cybersecurity from 2020 to 2025. As a proactive measure, the cybersecurity system helps hospital prevents cyber attacks from occuring. The continuous digital revolution and digital transformation call for more preventive measures against cyberattacks – the cybersecurity system is one such unique way that should be installed in hospitals. It helps lessen the damage done by cyberattacks and keeps hospitals ahead of technology trends.
Practising Proper Cyber Hygiene
Last year, India witnessed 13.9 lakh cybersecurity incidents due to the poor practice of cyber hygiene. There are three essential steps to be followed when practising cybersecurity – awareness, training, and mitigating strategies. Hospitals must spread awareness among employees about the risk related to poor cybersecurity practices like using insecure wireless networks and sharing usernames and passwords with others. They need to know exactly what to do to enhance their online safety and privacy.
Employees must be aware of what mitigation strategies they need to use when faced with an actual threat, like identifying phishing emails and recovering from ransomware attacks quickly and efficiently without having much damage done in the process. By making employees aware of these kinds of resources for proper cybersecurity practices. This practice will help hospitals boost cybersecurity, ultimately leading to better patient care.
Encourage To Use Of Robust Password
As per the Top Password Statistics Report 2023, 30% of internet users experience a data breach due to weak passwords; the most common password is used, 123456. Strong passwords are a must when it comes to boosting hospital cybersecurity. Hospitals should encourage employees to use strong passwords for the hospital’s network, and their email accounts should have a password that is hard to guess. Asking hospital staff to change passwords regularly will help them save sensitive data from breaches or cyber threats.
Keep Updated With Data Protection Policies
Technology keeps on advancing, so it is imperative for hospitals to stay updated with the technology trends and data protection policies to protect data from cyber threats. Hospitals should pay attention to significant points to prevent their data from ransomware attacks:
- What kind of data does the hospital handle?
- Who can access these data, and for what purpose?
- What type of data storage and transmission does the hospital have?
- How does the hospital store and transmit data?
- What security features does the hospital use to protect data?
As cyberthreat is becoming a significant concern in the healthcare industry, healthcare cybersecurity leaders should create a crisis response team that can effectively manage cybersecurity in the event of a security incident.
