How to Detect and Prevent Credential Stuffing in Patient Portals

By Zac Amos, Features Editor, ReHack

As the healthcare industry becomes increasingly reliant on digital databases and communication, the threat of cyberattacks grows. Patient portals are a particularly popular target for attackers because of the sensitive information they contain. To protect patient information, providers must know how to detect and prevent credential stuffing attacks.

What Is Credential Stuffing?

Credential stuffing is a type of cyberattack in which attackers use automated tools to try large numbers of stolen username and password combinations against the login pages of many websites. Because people often reuse passwords, some of those combinations succeed, and attackers then use the working login to get into personal accounts at the targeted organization, such as a patient portal.

Once inside, they can read and steal the account's information and either sell it to the highest bidder or use it for their own gain. Credential stuffing attacks are relatively common because of the substantial amount of money that can be made from them.

How Credential Stuffing Impacts Healthcare

Patient portals allow medical professionals and patients to communicate more easily and give patients access to their electronic health records (EHRs). These portals and EHRs are the primary source of information for patients regarding their healthcare needs. In fact, 75% of healthcare providers agree that EHRs enable patients to receive higher-quality care.

Unfortunately, patient portals are a vulnerable point of attack because they serve as a direct link between patients and healthcare providers. Portals also usually rely on password protection alone, which puts just one barrier between an attacker and a client's sensitive information.

Healthcare is one of the most lucrative sectors to target because of its access to sensitive personal client information, including financial details, insurance records and identifying information, such as Social Security numbers and driver's license numbers.

How to Detect and Prevent Attacks

Below are some steps healthcare IT professionals can take to protect sensitive information and prevent credential stuffing attacks.

1. Use Multi-Factor Authentication (MFA)
MFA is a must for every online account, not just patient portals. Requiring more than a password to access an account means that a stolen username and password alone are not enough to log in, which keeps the threat of a successful attack low and creates more barriers for attackers to break through before they reach sensitive information.

2. Look for Compromised Credentials
Compare new usernames and passwords against lists of the most common login combinations and against published data breach records so that clients cannot reuse outdated, exposed credentials. Encourage users to change their passwords and avoid reusing old ones.
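One way to perform the breach check described above without sending a patient's password, or even its full hash, to a third party is the k-anonymity range query used by breached-password services such as Have I Been Pwned's Pwned Passwords: the client hashes the password with SHA-1, sends only the first five hex characters, and receives every known suffix under that prefix to compare locally. The Python below is an added example written for this page, not code from the article; the breach corpus and the function names are constructed for illustration, and a real deployment would replace the in-memory index with a breached-password dataset or the range service itself.

```python
import hashlib

# Constructed breach corpus standing in for a leaked password list.
# These values are illustrative only; a real check would use a
# breached-password dataset or a k-anonymity range-query service.
CONSTRUCTED_BREACH_CORPUS = ["password", "123456", "Summer2023!", "qwerty"]


def sha1_hex(password: str) -> str:
    """Upper-case hex SHA-1 of the password, the digest the range model uses."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def build_range_index(corpus):
    """Group breached hashes by their first five hex characters.

    This mirrors the k-anonymity range model: a client asks for one
    prefix and gets back every suffix under it, so the full hash of the
    password being checked never leaves the client.
    """
    index = {}
    for pw in corpus:
        digest = sha1_hex(pw)
        index.setdefault(digest[:5], set()).add(digest[5:])
    return index


def is_breached(password: str, range_index) -> bool:
    """True if the password's hash suffix appears under its prefix range."""
    digest = sha1_hex(password)
    prefix, suffix = digest[:5], digest[5:]
    # Only `prefix` would be sent over the wire; the comparison is local.
    return suffix in range_index.get(prefix, set())


def check_password_policy(password: str, range_index, min_len: int = 12):
    """Return a list of reasons a candidate password should be rejected.

    An empty list means the password passes both the length rule and the
    breach check, so the portal can accept it.
    """
    problems = []
    if len(password) < min_len:
        problems.append(f"shorter than {min_len} characters")
    if is_breached(password, range_index):
        problems.append("appears in a known breach")
    return problems


if __name__ == "__main__":
    idx = build_range_index(CONSTRUCTED_BREACH_CORPUS)
    for candidate in ["password", "Summer2023!", "correct-horse-battery-staple-9"]:
        print(candidate, "->", check_password_policy(candidate, idx) or "accepted")
```

Run the check at registration and at every password change, and reject the candidate rather than merely warning, since a password that already sits in a breach dump is exactly the kind of credential a stuffing tool will try.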

3. Monitor Logins
Ensure that the portal software recognizes a patient's usual device and flags logins from unfamiliar devices. Security questions are another effective step that adds a layer of security. A bot detection system is another potential barrier worth considering.

IT professionals should also monitor the systems that store account information for suspicious activity so they can shut it down before an attacker actually breaches the system. Signs include changes in site traffic, such as many accounts being logged into within a short period or a large number of accounts seeing failed login attempts at the same time.

4. Shut Down After Multiple Attempts
If an account sees multiple failed attempts in a row, the system should automatically lock access to that account for an extended period. This stops an attacker from continuing to guess. To limit the number of frustrated patients who cannot reach their data, allow them to contact an IT representative to reopen the account if they were the ones who tried to log in.
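Steps 3 and 4 describe two different signals: a single source touching many accounts in a short window (the traffic pattern step 3 says to watch for) and repeated failures against one account (the trigger for the lockout in step 4). The Python below is an added example written for this page, not code from the article or from any portal product; it runs both checks over a small constructed authentication log, and the log format, IP addresses, usernames and thresholds are all assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample of portal authentication events (not real data).
# Each line: ISO timestamp, source IP, username, outcome.
SAMPLE_LOG = """\
2024-03-01T10:00:01 203.0.113.7 alice FAIL
2024-03-01T10:00:02 203.0.113.7 bob FAIL
2024-03-01T10:00:02 203.0.113.7 carol FAIL
2024-03-01T10:00:03 203.0.113.7 dave FAIL
2024-03-01T10:00:03 203.0.113.7 erin SUCCESS
2024-03-01T10:00:04 203.0.113.7 frank FAIL
2024-03-01T10:05:00 198.51.100.9 alice FAIL
2024-03-01T10:05:30 198.51.100.9 alice FAIL
2024-03-01T10:06:00 198.51.100.9 alice FAIL
2024-03-01T10:06:30 198.51.100.9 alice FAIL
2024-03-01T10:07:00 198.51.100.9 alice FAIL
2024-03-01T10:07:30 198.51.100.9 alice FAIL
2024-03-01T10:20:00 192.0.2.44 grace SUCCESS
"""


def parse_events(text):
    """Parse the constructed log into (timestamp, ip, user, outcome) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, ip, user, outcome = line.split()
        events.append((datetime.fromisoformat(ts), ip, user, outcome))
    return events


def detect_spraying_sources(events, window=timedelta(seconds=60), min_accounts=5):
    """Flag source IPs that try at least `min_accounts` distinct usernames
    within `window`. A stuffing tool replays one stolen pair per account, so
    one source touching many accounts quickly is its signature even when
    every individual attempt fails. Returns {ip: peak distinct accounts}."""
    recent = defaultdict(deque)  # ip -> (timestamp, user) pairs inside the window
    flagged = {}
    for ts, ip, user, _ in sorted(events):
        q = recent[ip]
        q.append((ts, user))
        while q and ts - q[0][0] > window:
            q.popleft()  # drop attempts that have aged out of the window
        distinct = {u for _, u in q}
        if len(distinct) >= min_accounts:
            flagged[ip] = max(flagged.get(ip, 0), len(distinct))
    return flagged


class AccountLockout:
    """Lock an account after `max_failures` consecutive failures for `lock_for`.
    A successful login resets the counter; attempts during the lock are
    rejected before the password is even checked."""

    def __init__(self, max_failures=5, lock_for=timedelta(minutes=30)):
        self.max_failures = max_failures
        self.lock_for = lock_for
        self.failures = defaultdict(int)
        self.locked_until = {}

    def is_locked(self, user, now):
        until = self.locked_until.get(user)
        return until is not None and now < until

    def record(self, user, outcome, now):
        """Return 'locked', 'failed' or 'ok' for one login event."""
        if self.is_locked(user, now):
            return "locked"
        if outcome == "SUCCESS":
            self.failures[user] = 0
            return "ok"
        self.failures[user] += 1
        if self.failures[user] >= self.max_failures:
            self.locked_until[user] = now + self.lock_for
            self.failures[user] = 0  # counter restarts once the lock expires
            return "locked"
        return "failed"


def replay(events, lockout):
    """Feed events through the lockout in time order; returns (user, status) pairs."""
    return [(user, lockout.record(user, outcome, ts))
            for ts, _, user, outcome in sorted(events)]


if __name__ == "__main__":
    evs = parse_events(SAMPLE_LOG)
    print("sources spraying many accounts:", detect_spraying_sources(evs))
    for user, status in replay(evs, AccountLockout()):
        print(user, status)
```

In the sample, the first source never fails the same account twice, so per-account lockout never fires against it; only the per-source check catches it. The second source fails one account repeatedly and is stopped by the lockout on its fifth attempt. Both signals are needed, and as the article notes, a lockout should come with a path for the real patient to get the account reopened.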

5. Educate Patients
Educate patients on the importance of creating strong, unique passwords, for example by increasing the character count and incorporating numbers and symbols. A guide that explains what makes a strong password and highlights the risks of a weak one can save clients from having their information leaked.

6. Consider Passwordless Logins
Passwordless logins are a common feature of accounts today because they eliminate the possibility of a patient's password being exposed in a data breach. Face ID and fingerprint access are common, personalized alternatives to passwords.

Avoid Credential Stuffing Attacks

In an increasingly digital world, cybersecurity is essential, particularly when handling sensitive healthcare information accessible through a patient portal. Taking steps to avoid harmful attacks, such as credential stuffing, is crucial for protecting both patients and healthcare organizations.