Despite ongoing investment and improvement in their cybersecurity posture, healthcare agencies like the Department of Health and Human Services’ (HHS) and Centers for Medicaid and Medicaid (CMS) continue to be targets for cyber crime and cyber espionage. According to the Office of Management and Budget (OMB)’s Federal Information Security Modernization Act annual report, HHS has been deemed “at risk” for cyberattacks because “significant gaps remain” despite the policies and processes they have put in place around cybersecurity.
While HHS continues to work on improving their overall information security program, CMS is recovering from a breach that exposed the files of an estimated 75,000 individuals accessed in a breach of Healthcare.gov for Affordable Care Act enrollment.
A recent study released by FireEye,– Beyond Compliance: Cyber Threats and Healthcare — the companies skilled Mandiant researchers found three major areas of motivation for cyberattacks directed at public sector healthcare organizations. It’s important for agency leaders not only to understand what the key trends are so that they can continue to build their organizational resilience and adapt to future threats.
Here are some key takeaways from the study for healthcare information security leaders:
Cybercrime Threats to Healthcare Organizations
Financial gain is the most common reason for cyber attacks. With the ability to access documents with complete personally identifiable information (PII) cyber criminals are able to maximize the return on their criminal activity. Equally, with healthcare information being time sensitive and critical to care, healthcare organizations are prime targets for ransomware.
Cyber Espionage a Rising Trend for Healthcare Organizations
Cyber espionage, the act of stealing classified, sensitive data or intellectual property to gain a competitive advantage, can be catastrophic when it disrupts healthcare operations. In recent years, FireEye’s researchers found there has been a huge increase in the theft of cancer research data by Chinese espionage groups, likely stemming from a rising mortality rate among cancer patients in China. Additionally, the “Made in China 2025” plan includes a push for increased development of medical technologies and devices, which may also be another driver of these threats.
What to Watch for Next: Hacktivism/ Information Operations
At present, hacktivism and information operations are a much less common threat to healthcare organizations. However, FireEye’s researchers confirmed in the report that hacktivst campaigns and other information operations should be on the radar for healthcare organizations. As the global political situation becomes more volatile, there is a growing interest from nation states who want to disrupt or destroy healthcare capabilities in a given region where there are heightened tensions or national interests at stake. This type of information warfare could also be applied to attacks on biomedical devices, such as pacemakers and insulin pumps.
Because healthcare organizations maintain such a wealth of valuable data and access to critical systems, the downstream impacts of a data breach or cyber attack have extremely serious consequences. For these reasons, it’s essential that healthcare leaders are primed with information, resources, and partners to not only address today’s threats, but those that are building on the horizon.
Download the full report – Beyond Compliance: Cyber Threats and Healthcare.