Cybersecurity outlook in 2022
February 01, 2022
Health IT
From the January/February 2022 issue of HealthCare Business News magazine
By Azi Cohen
The COVID-19 pandemic not only wreaked havoc on hospital staff and patients, it also impacted their bottom line as elective surgeries and procedures were all pushed back. If that wasn’t enough, on top of those dire conditions, cyberattackers immediately jumped in to exploit those vulnerabilities.
Since the outbreak of COVID-19, healthcare has seen triple digit increases in cyberattacks volleyed against hospitals throughout the world. While attention was being paid to ensuring the safety of patients and hospital staff, cyber criminals used the distraction to gain unauthorized access to hospital networks, with concerning outcomes. According to a Ponemon Institute report, The Impact of Ransomware on Healthcare During COVID-19 and Beyond, 71% of hospitals that reported a ransomware attack noted their patients spent more time hospitalized, with 22% reporting that their patient mortality rate increased. What’s more, a CyberMDX/Philips Ipsos study revealed that only 11% of hospital IT teams have cyber security as a top priority spend.
Lessons learned from 2021 can be applied as we enter 2022. Over the next 12 months we should expect to see continued fallout from these attacks, but hopefully they’ll be accompanied by a deeper look at the value that security brings. With that in mind, here’s what we predict to happen in 2022:
Hackers will explore medical devices as an attack vector – The number of connected medical and IoT devices in healthcare networks is exploding. Deloitte estimates that 70% of all medical devices will be connected by 2023. It’s not a huge leap to expect that because hospital attacks are up triple digits in the past year, they are adding security tools. In this cat and mouse game, that means hackers will look for new ways in. With telehealth on the rise and with so many medical assets now connected, it’s likely they will explore new entry points to get into the network. The clinical network can emerge as an easier opening than the IT network and hospitals need to be ready if that happens.
Hospitals will demand supplier security – In the past, when targeting retail companies, cyberattackers have primarily sought credit card numbers. With health records commanding multiple times the value of credit cards on the dark web and with the success of many hospital ransomware attacks this year, it’s not hard to imagine why all that attention has shifted to healthcare. And supply chains are a significant risk from several vantage points. 1. Like those large retailers where the infiltration was done through a supplier, the same can happen to healthcare providers; 2. Recent vulnerability discoveries in medical devices will continue and if infiltrated, can extend or spread to many facilities; or 3. Suppliers themselves can get attacked. If they are producing a much-needed medical product and production is shut down, patient care can be severely impacted.
By Azi Cohen
The COVID-19 pandemic not only wreaked havoc on hospital staff and patients, it also impacted their bottom line as elective surgeries and procedures were all pushed back. If that wasn’t enough, on top of those dire conditions, cyberattackers immediately jumped in to exploit those vulnerabilities.
Since the outbreak of COVID-19, healthcare has seen triple digit increases in cyberattacks volleyed against hospitals throughout the world. While attention was being paid to ensuring the safety of patients and hospital staff, cyber criminals used the distraction to gain unauthorized access to hospital networks, with concerning outcomes. According to a Ponemon Institute report, The Impact of Ransomware on Healthcare During COVID-19 and Beyond, 71% of hospitals that reported a ransomware attack noted their patients spent more time hospitalized, with 22% reporting that their patient mortality rate increased. What’s more, a CyberMDX/Philips Ipsos study revealed that only 11% of hospital IT teams have cyber security as a top priority spend.
Lessons learned from 2021 can be applied as we enter 2022. Over the next 12 months we should expect to see continued fallout from these attacks, but hopefully they’ll be accompanied by a deeper look at the value that security brings. With that in mind, here’s what we predict to happen in 2022:
Hackers will explore medical devices as an attack vector – The number of connected medical and IoT devices in healthcare networks is exploding. Deloitte estimates that 70% of all medical devices will be connected by 2023. It’s not a huge leap to expect that because hospital attacks are up triple digits in the past year, they are adding security tools. In this cat and mouse game, that means hackers will look for new ways in. With telehealth on the rise and with so many medical assets now connected, it’s likely they will explore new entry points to get into the network. The clinical network can emerge as an easier opening than the IT network and hospitals need to be ready if that happens.
Hospitals will demand supplier security – In the past, when targeting retail companies, cyberattackers have primarily sought credit card numbers. With health records commanding multiple times the value of credit cards on the dark web and with the success of many hospital ransomware attacks this year, it’s not hard to imagine why all that attention has shifted to healthcare. And supply chains are a significant risk from several vantage points. 1. Like those large retailers where the infiltration was done through a supplier, the same can happen to healthcare providers; 2. Recent vulnerability discoveries in medical devices will continue and if infiltrated, can extend or spread to many facilities; or 3. Suppliers themselves can get attacked. If they are producing a much-needed medical product and production is shut down, patient care can be severely impacted.
1(current)
You Must Be Logged In To Post A CommentRegisterRegistration is Free and Easy. Enjoy the benefits of The World's Leading New & Used Medical Equipment Marketplace. Register Now! |
|
