The changes in the Healthcare landscape over the last two years forced crucial changes to the industry. Employees working from home via telehealth or other methods of hybrid work meant that there were more entry points for attackers. According to IBM the average cost of a data breach within the Healthcare Sector is just under $10 million AUD, which could be make or break for many Australian businesses.
COVID-19 has fundamentally changed the cyber threat landscape for the health sector, with malicious actors increasingly targeting and compromising health networks, which are already under pressure in a pandemic operating environment. Malicious actors are primarily financially motivated and may seek to gain access to valuable data stores, use the branding from high-profile victims and incidents to bolster the legitimacy of the targeting activity, and/or cause disruption to business operations and continuity through methods such as ransomware. (ACSC 2020)
Attackers who target the healthcare sector aim to impact the service delivery, disrupt the supply chain of service critical products, threaten the delivery of device functionality, and of course, destroy the reputation and cause financial damage. Having any downtime during critical service can be crucial to any organisation, so it is vital that security practices are in place to ensure the best chance of not getting attacked.
According to the ACSC the main source of data being stolen is client information and intellectual property. They may wish to steal client information to access addresses, medical histories, healthcare information, and more to impersonate or cause fraud whereas intellectual property could be in response to practice-specific research, vaccine development, or special treatments.
Vulnerabilities in Remote access
Email or Phishing Campaigns
-Regular Security Patching
If you would like to chat with an account manager about how your security practices stand up against modern threats reach out below.