Date: 2020-05-11

These are the reasons why hospitals and healthcare facilities are an attractive target for cybercriminals.

By EuroXlive

Hospitals, as well as organizations and companies linked to the health sector, have for some time stood out as one of the main targets for cybercriminals. In a context like the current one, a computer attack on a hospital could have even more severe consequences. To further understand this scenario, ESET, a leading company in proactive threat detection, explains the reasons that make the health sector an attractive target for cybercriminals.

This month INTERPOL issued a statement warning of a significant growth in ransomware attacks targeting hospitals in different countries of the world. In the United States, the FBI published an alert as a consequence of the increase in scams directed at health organizations and government entities. It also released a new warning which referred to phishing emails addressed to providers in the health sector in that country. Furthermore, the Czech Republic's main cybersecurity agency issued a warning stating its concern about a possible large-scale attack especially targeting hospitals and the health sector in general.

In this context, the ESET Research Laboratory explains the points that make the health sector an attractive target for cybercriminals:

– Malicious actors always take advantage of topics of interest to plan their attacks: Several organizations have warned in recent weeks about the increase in malicious campaigns trying to capitalize on concerns about the advance of the COVID-19 pandemic, and also about the particular interest in the health sector as a target of attacks. An example of this has been the significant increase in recent months in malicious campaigns that attempt to exploit the coronavirus issue to trick users into compromising their devices.

– A critical sector: The health sector plays a vital role in the well-being of a society, which makes it a perfect target for extortion through a ransomware attack, as an interruption in the continuity of the services it provides can have a significant impact on the community. The need to urgently resolve any type of incident is a favorable point in the negotiation for a cybercriminal. Other aspects that make it a target of interest are the lack of security training for health professionals; the existence of multiple vulnerabilities due to the use of obsolete software; the multiplicity of IoT devices that are used; and the sensitivity of the information they handle.

– Data and information sensitivity: Medical reports contain private and personal information that should not fall into the wrong hands. Added to the medical reports is the sensitive information from the industry: development of new drugs and treatments, data from medical research, results of tests of experimental treatments, among others. In this context, a ransomware attack, for example, would leave a doctor without access to electronic health records and without the possibility of using computer assessment methods due to the incident.

– Cyberattacks on the health sector are not new: Data breaches and ransomware attacks on healthcare organizations in the United States in 2019 represented an estimated cost to the sector of $4 billion. Five health care organizations in that country reported ransomware attacks in a single week in June last year, prompting, for example, a medical practices center in the state of Michigan to close after refusing to pay a ransom to attackers. In a comparison carried out between sectors such as education, health care, finance and professional services in general, the percentage of attacks directed at health care entities represented 41%, the highest among the sectors.

– Cases of cyberattacks on hospitals and health centers: In recent years, there have been a large number of cases of computer attacks on hospitals, organizations and companies in the health sector in different countries. Regarding data breaches, the North American clinical laboratory Quest Diagnostics, which operates in the United States, United Kingdom, Mexico and Brazil, was the victim of a data breach that became known in mid-2019 and affected almost 12 million patients.

In France, an attack caused a computer blackout in 120 hospitals in the country. Although it had no consequences for patients, it forced professionals to resort to pencil and paper. Something similar happened in Australia and the United States in the second half of 2019, when several hospitals and healthcare providers were affected by ransomware attacks that forced them to shut down part of their systems and made access to compromised computers impossible.

In January 2020, an attack on the Torrejón University Hospital, in Madrid, affected the availability of several of its computer systems. Although details of the incident were not disclosed, it was believed to be a ransomware attack, since the malware used blocked the systems, preventing access to patients' medical records and forcing professionals to write medical reports manually. Almost a month after the incident, the hospital had managed to recover 80% of the computer systems.

– Vulnerable ecosystem: Another aspect that makes this sector vulnerable is the use of outdated or unsupported software. A report published by Forescout in 2019 stated that 70% of computers in the health sector would be using an unsupported operating system, such as Windows 7. In addition, a global study published in mid-2019 by the company Armis revealed that in the previous six months, 40% of medical institutions (hospitals, clinics, etc.) were impacted by WannaCry ransomware, a piece of malicious code that wreaked havoc globally in 2017 as a result of a vulnerability that, two years later, remained unpatched on multiple devices active in this sector.

– IoT devices in the health sector, a broad attack surface: Growth in the integration of medical devices connected to the internet represents a security risk, because it creates a larger area vulnerable to computer attacks. Today there are millions of medical IoT devices in use, connected to patients and providing information on their health status. However, data from a survey conducted by Irdeto in 2019 of security professionals working in the health sector showed that, in the last year, 8 out of 10 organizations in this sector in the United States suffered an attack targeting IoT devices, and that 30% of those attacks compromised the security of the end user.

"We are at a time when guaranteeing the normal functioning of health entities becomes a priority to address the situation we face with this pandemic. This is why everything related to computer security cannot be neglected, since it is a critical point that if not properly managed can be exploited by cybercriminals to hinder the normal operation of health entities. The digital transformation has reached health entities, and this transformation must be done safely, taking care of the availability and privacy of the data. Although this process represents an additional challenge for this type of entity, it must be faced to guarantee the safe use of technology," said the head of the ESET Latin America Laboratory, Camilo Gutiérrez.