Healthcare Industry Hit with Most Cyberattacks in 2022

Hospitals and other healthcare facilities suffered from 1410 weekly cyberattacks per organization.

By Mackenna Moralez, associate editor


Global cyberattacks increased by 38 percent in 2022, a recent study by Check Point Research found. According to the report, the number of attacks were driven by smaller, more agile ransomware groups that exploited collaboration tools used in work-from-home environments. However, more hackers took interest in hospitals and other healthcare facilities in 2022. The sector had the largest increase in cyberattacks compared to other industries, suffering from an average of 1410 weekly cyberattacks per organization.  

The study suggests that cyber groups have taken to attack hospitals and other healthcare facilities because they are perceived to lack proper cybersecurity resources, leaving them more exposed and understaffed to handle a sophisticated attack, making them more likely to payout ransom. Meanwhile, attacking hospitals can earn them attention and notoriety amongst other ransomware gangs.  

With more hospitals planning on implementing new technologies, it is expected that the number of attacks will increase will into 2023. It is imperative that healthcare facilities remain vigilant when it comes to their cybersecurity protocols. Without a cybersecurity program in place, hospitals and other healthcare facilities are at risk. These attacks can take down a majority of IoT infrastructure, and most of these devices now in hospitals have a risk factor that is considered critical. Devices with critical vulnerability can greatly affect patient safety, data confidentiality, and service ability. 

The FBI, CISA and HHS urged healthcare organizations to implement the following measures to protect against malicious activity:  

  • Install updates for operating systems, software, and firmware as soon as they are released. Prioritize patching virtual private network (VPN) servers, remote access software, virtual machine software and known exploited vulnerabilities. Consider leveraging a centralized patch management system to automate and expedite the process.   
  • Implement and enforce multi-layer network segmentation with the most critical communications and data resting on the most secure and reliable layer.   
  • Limit access to data by deploying public key infrastructure and digital certificates to authenticate connections with the network, Internet of Things (IoT) medical devices and the electronic health record system, as well as to ensure data packages are not manipulated while in transit from man-in-the-middle attacks.   
  • Use standard user accounts on internal systems instead of administrative accounts, which allow for overarching administrative system privileges and do not ensure least privilege.   
  • Protect stored data by masking the permanent account number when it is displayed and rendering it unreadable when it is stored through cryptography, for example.   
  • Secure the collection, storage and processing practices for PII and PHI, per regulations such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Implementing HIPAA security measures can prevent the introduction of malware on the system.   
  • Use monitoring tools to observe whether IoT devices are behaving erratically due to a compromise.   
  • Create and regularly review internal policies that regulate the collection, storage, access, and monitoring of PII/PHI.  

Mackenna Moralez is the associate editor of the facilities market. 



January 17, 2023


Topic Area: Information Technology , Safety , Security


Recent Posts

The Role of Lighting in Patient Well-Being and Recovery

Lighting manufacturers discuss how certain types of lighting impacts a patient’s mood and health.


Third-Party Vendors May Pose Healthcare Cybersecurity Risks

CMS and WPS alerted individuals about a potential data breach from the third-party software MOVEit.


Palomar Health Breaks Ground on Behavioral Health Institute

The two-story facility will have 120 beds and provide 84,700 square feet of indoor and outdoor recovery space.


UNC Health Rex Files Plans for New Wake Forest Hospital

The plans will have to be approved by North Carolina’s CON office.


6 Steps to Reshaping Hybrid Healthcare Workplaces

A more enjoyable workplace can be a powerful tool for helping an organization thrive.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.