Undoubtedly, the Digital Revolution has transformed healthcare. However, it has been accompanied by increased exposure to cyberattacks. And, the consequences can be deadly. The FDA recently warned against the hacking of IoT-connected insulin pumps and implanted heart devices. Hackers can conceivably take control of such devices to execute malicious actions against patients. In light of COVID-19, the world’s largest hacker groups have promised to refrain from targeting healthcare organizations, but can we take them at their word? Below, we examine the dangers of legacy platforms in healthcare and the threat vectors that facilitate cyber attacks.
By understanding the latter, organizations can better respond to cyber threats.
Understanding Threat Vectors
In a nutshell, attack vectors allow attackers to obtain unauthorized access to private networks. If successful, hackers can deliver malicious payloads to vulnerable systems. Essentially, attack vectors enable cybercriminals to exploit system vulnerabilities to harvest sensitive data or personally identifiable information (PII). According to News On Compliance, “the global average cost of a data breach has grown by 12 percent, totaling USD 3.92 million” per security breach. With such numbers, eradicating possible attack vectors is critical to protecting patient data.
Three Key Attack Vectors in the Healthcare Industry
Major threat vectors include phishing, cross-site scripting attacks (CSS), ransomware, and malware. According to the HIPAA Journal, phishing, poor cybersecurity protections, and third-party supplier vulnerabilities are the three most common threat vectors in the healthcare industry. To date, healthcare and construction are the two industries most vulnerable to cyber-attacks.
The publication also points out that “Detection of threats on healthcare endpoints were up 45% in Q3, 2019, increasing from 14,000 detections in Q2 to 20,000 in Q3.” Threat detections also increased by more than 60% in the first three quarters of 2019.
The healthcare industry has experienced a whopping 82% increase in attacks related to Trojan malware since late 2019. The most notable Trojans used by attackers were Emotet and TrickBot which delivered Ryuk ransomware to vulnerable systems. Now, hackers are using Emotet to target the pharmaceutical industry. Certainly, digital forensics and IP attribution can be used to identify the origin of cyberattacks. However, prevention is critical.
The Risks of Operating Legacy Platforms in Healthcare
In some instances, medical data holds much more value to cybercriminals than financial data. Ransomware criminals often force institutions to pay millions of dollars before releasing the stolen data. Presently, personally identifiable information (PII) can be sold on the Dark Web for more than $1,000 each. This price tag is significantly higher than that for personal financial data. Stolen medical records are used to fill prescriptions, commit medical identity theft, or perpetrate insurance fraud.
But, what makes the healthcare industry especially vulnerable? After all, financial institutions have long been the targets of cybercriminals. Until the 1980s, most banking transactions were done manually. Yet, the financial services industry is far ahead of healthcare in the cybersecurity endgame. This may be due to the fact that it has gone to great lengths to reduce its liabilities after high-profile breaches at revered institutions like Morgan Stanley, Equifax, and Capital One. In 2016, the courts assessed a $1 million dollar fine on Morgan Stanley for failing to protect consumer data.
Meanwhile, the Capital One breach in 2019 affected more than 100 million customers, who had data from credit card applications and personal accounts stolen. According to Forbes, the breach will likely cause a 3% dip in revenues for Capital One in both 2020 and 2021. As a result of these costly breaches, financial institutions increased cybersecurity spending. A 2018 Deloitte survey found that the financial sector is now spending up to $3,000 per full-time employee on cybersecurity.
Cybercriminals have since shifted their focus towards healthcare since it has been relatively slow in adopting new cybertechnologies.
Healthcare Industry Slower Than Others in Adopting Disruptive Technology
According to HealthITSecurity, 56% of healthcare providers still rely on legacy Windows 7 systems. Meanwhile, organizations in other industries have already made successful migrations to Windows 10. So, why do over 50% of healthcare providers still use legacy platforms? Significantly, a recent Forescout report revealed that 70% of IoT and medical devices will be operating on outmoded Windows platforms by 2020.
Outdated operating systems have led to significant liabilities for global healthcare providers. In May 2017, a WannaCry ransomware attack affected more than 300,000 computers in 150 countries. Approximately 98% of the computers affected were running some version of Windows 7.
In addition to the Microsoft security flaw, Intel announced its own security flaw in May 2019. Then, its security researchers discovered MDS attack variants that can exploit the vulnerabilities in Intel chips to siphon sensitive data from CPUs.
Among other issues plaguing the healthcare industry is the difficulty of filling cybersecurity healthcare jobs. Indeed, the lack of cybersecurity talents has reached crisis levels. By 2021, the cybersecurity talent gap will widen by 3.5 million.
Custom Software Development Solutions for an Ever-Evolving Environment
If you’re a CISO or IT professional in the healthcare industry looking to modernize your organization’s legacy platform, we can help. At Entrance, we leverage our leading-edge Agile Development Process to deliver secure custom software in a matter of weeks. Our robust yet affordable solutions will save you tens of thousands of dollars on licensing, hosting, and maintenance fees (not to mention cybersecurity liability costs). To learn more about how we mitigate the risks of legacy platforms in healthcare, contact us today!