Hackers Continue to Target the Healthcare Sector in the U.S.

By Daniel Markuson, Digital Privacy Expert, NordVPN
Twitter: @NordVPN

Recently, the University of Connecticut Health (UConn Health) informed the public about a phishing breach that had potentially affected some medical and personal data of 326,000 patients. But it’s not even the largest healthcare sector data leak reported in the U.S. in 2019.

Earlier last month, the University of Washington Medicine (UW Medicine) revealed an even more serious leak. Due to a misconfigured server, the data of 974,000 patients had been left exposed on the internet for three weeks.

“Cybercriminals value medical information. It is easy to sell it on the dark web and then use it for fraud, such as identity theft, blackmail or extortion,” says Ruby Gonzalez, Head of Communications at NordVPN. “According to some sources, Social Security numbers are sold for $1 on the dark web, and credit card details cost up to $100. But full medical records can be worth more than $1,000, as they are every identity thief’s dream.”

Healthcare sector breaches are extremely dangerous, as they can expose patients’ privacy in brutal ways. Patient’s name and contact details are only the tip of the iceberg in such a leak. It may also expose their Social Security number, financial data, date of birth, health insurance information, and medical data, such as received treatments and diagnosis.

“The level to which healthcare sector is affected shows that it lags behind in system updates as well as in security education for its employees. Breaches are far more expensive than investment in cybersecurity,” comments Ruby Gonzalez, Head of Communications at NordVPN. “Healthcare organizations must take additional steps and treat cybersecurity responsibly. There’s no doubt that 2019 will witness more attacks on vulnerable hospitals and clinics.”

Cyber attacks on healthcare providers are on the rise not only in the U.S. but in Australia as well. Last year, one report proved that Australian private health providers were the most breached sector.

NordVPN’s advice about protecting healthcare companies from cyber attacks:

1. Educate employees. Healthcare companies should have regular online security training for employees. It should cover the dangers of misplacing vulnerable information or using company IT assets for personal purposes, better password management skills, and how to spot phishing and other cyber attacks.
2. Invest in multi-layer detection and recovery systems. Installing such a system helps to identify and prevent malware installation.
3. Don’t use FTP servers operating in anonymous mode. According to the FBI, “some criminal actors from abroad are trying to target protected healthcare information (PHI) and other personally identifiable info (PII) from medical facilities to intimidate, harass, and blackmail business owners.” FBI was alerting healthcare companies against the use of FTP servers operating in anonymous mode.
4. Check suppliers. Healthcare companies should choose their suppliers carefully and work with them to tighten the supply chain security. The new trend is for attackers to look for the weakest link in a supply chain to install their malware, which will affect all the companies along the line.
5. Back up all data. Data should be backed up on external drives and stored away. It’s one of the best ways to protect an organization if servers with all the data stored are terminated. This protects from ransomware attacks as well.
6. Use a VPN. Healthcare organizations usually use intranet for internal communications, which include local area networks (LAN) as well as on-site networks. When employees need to access the organization’s intranet while traveling or working remotely, they should use virtual private networks (VPNs) for a secure connection. VPNs create an encrypted tunnel that protects the connection from public access.
7. Create an action plan and get ready. Healthcare organizations should assess their risks and make a list of the most vulnerable systems. If an attack does occur, there needs to be a plan in place. The speed and efficiency of the reaction may determine how much damage will be done to the organization.
8. Choose cybersecurity vendors carefully. Many medical organizations are scrambling to hire experienced IT staff after recent ransomware attacks shocked the healthcare world. However, it’s wise to get consulting from external experts who can evaluate the vulnerabilities of the entire organization.