As technology has advanced and the world has become more interconnected, the threat of cyber-attacks has become a significant concern for businesses, smaller healthcare organisations, governments, civil rights and individuals alike. While cyber-attacks can target any sector, healthcare organisations have become an increasingly attractive target for cybercriminals in recent years.
Healthcare organisations store vast amounts of sensitive patient information on computer systems, making them a lucrative target for cybercriminals looking to steal or exploit valuable data. The aftermath of a successful cyber attack on the health system can be devastating. Patients’ PII (personally identifiable information), including their medical treatment information, patient names, dates of birth, social security numbers, financial data, health plans, health insurance information etc., can be stolen and put on sale on the dark web.
PHI (Protected Health Information) is amongst the most valued data in dark web / underground markets except for crypto.
Moreover, a cyber attack on a patient portal or health insurance information system can disrupt the delivery of patient care, potentially leading to dangerous consequences. Given the high stakes, healthcare organisations must proactively safeguard themselves from cyber attacks. Cyphere offers various cybersecurity assessment services to help businesses secure their assets.
In this article, we will examine the prevalence of cyber attacks on a healthcare group and system, explore the types of cyber threats that healthcare organisations are vulnerable to, and examine the impact of cyber attacks on healthcare organisations and patients’ private data. We will also look at the measures that health and human services providers can take to protect themselves and affected systems from cyber threats and the best security protocols for responding to a cyber attack.
Cyber attacks on healthcare, both health and human services
According to recent surveys and studies, the healthcare industry is one of the most targeted sectors for cyber attacks. A report by the Ponemon Institute found that the healthcare industry, in 2020, had the highest cost of data breaches of any industry, with an average cost of $7.13 million per data breach. Additionally, the report says that the healthcare industry had the highest average cost per record, at $429 per record.
These statistics underscore the significant financial and reputational damage that can result from a cyber attack on health insurance information systems or healthcare organisations.
Key Findings – Threats to healthcare organisations 2023 overview
- Data exfiltration was one of the top 3 threats healthcare service providers faced globally.
- The UK and Australia saw an increase in healthcare cyberattacks in 2022.
- Suspicious network scanning, which is an initial phase of a cyber-attack, was the most common attack type globally in healthcare in 2022.
- Of 693 healthcare data breaches in 2022, 607 are still under ongoing investigation by law enforcement.
- A malware incident has impacted over 1.24 million patient records at the Baptist Medical Center in Texas.
- From 2016 to 2021, ransomware attacks doubled from 43 to 91 annually.
- 44.4% of healthcare organisations faced disruptions in the delivery of healthcare.
- 8.6% of the cohort experienced operational troubles for over two weeks due to cyber attacks.
- Around 20.6% of healthcare organisations were able to restore data from backups.
- Electronic system downtime is a common disruption, with 41.7% of healthcare service providers reporting this issue in 2022.
- Another common disruption is the cancellation of scheduled care, reported by 10.2% of healthcare service providers.
- Ambulance diversion was also a reported disruption, with 4.3% of healthcare service providers experiencing this issue.
- IT security incidents accounted for over three-quarters (78.5%) of the 693 healthcare data breaches reported in 2022.
Healthcare data breaches – An industry view
The healthcare industry faces a considerable risk from data breaches as they can result in the theft of critical patient data, including medical records, full patient names and IDs, insurance information, and social security numbers. This sensitive information and stolen data are often exploited for fraudulent activities such as identity theft, leading to severe consequences. In addition to financial loss, such data theft and breaches can also harm the reputation of healthcare organisations, which may erode patient trust in human services offices in the long term.
- From January 1st to October 31st 2022, 594 data breaches were reported by the HHS’ Office for Civil Rights.
- On average, 60 data breaches are reported each month.
- In 2022, the healthcare industry was targeted in 25% of ransomware attacks, according to FBI data.
- Recent research by Ponemon showed that 12% of attacks originated from IoT devices.
- Hospitals accounted for 30% of all the most significant data breaches.
- The Anthem Breach affected nearly 80 million patients.
- Advocate Aurora Health, a prominent healthcare provider in the Chicago region, has reported a potential data breach that may have compromised the sensitive data of approximately 3M patients.
- 18% of teaching hospitals and 6% of paediatric hospitals experienced data breaches.
- There is a 75.6% probability of at least five million records being breached in the healthcare sector within the following year.
- Unauthorised access or disclosure accounts for 34% of healthcare data breaches.
- The healthcare industry was at risk of exceeding 50.4 million breached patient medical data in 2021.
- Among the 14 critical infrastructure industries, the healthcare and public health sectors had the most ransomware reports in 2021, with 148 out of 649 attacks.
- Security breaches will cost healthcare companies $6 trillion by the end of 2020.
- Over 2100 healthcare data breaches have been reported in the US since 2009.
- Between March 2021 and February 2022, hacking incidents exposed at least 42 million records in the healthcare industry.
- The number of exposed records decreased from 4.1 million in March 2021 to 2.2 million in February 2022.
- Lost or stolen PHI may cost the US healthcare industry up to US$7 billion yearly.
- There is a 75% chance of a breach of at least five million records occurring in the next year.
- A 25% chance of an Anthem-sized breach (80+ million records) is expected within the next three years.
- 60-80% of data breaches in the healthcare industry go unreported.
- 66% of organisations consider malicious insider attacks or accidental breaches more likely than external attacks.
- Over 1,400 breaches were negligent, and about 700 were malicious, according to a study.
- 39% of healthcare organisations discovered a breach months after, providing cybercriminals with time to achieve their objectives while victims remain unaware.
- The healthcare sector has the highest cost of data breaches among all industries, which is $408 per record.
- Around 47% of data breaches in the healthcare industry are caused by threat actors or various IT incidents, whereas 34% result from unauthorised access or disclosure.
- Negligent breaches, which occur twice as often as malicious ones, are the leading cause of data breaches in the healthcare industry.
Infographic – Healthcare cyber attack statistics
Healthcare cybersecurity market trends
- The global healthcare cyber security market was valued at approximately USD 9395.86 million in 2021.
- By 2027, the market is estimated to reach nearly $22190.71M, indicating a significant growth potential.
- The healthcare cybersecurity market is forecasted to have a CAGR of 15.40% from 2023-2028.
- The market is expected to experience substantial growth throughout the forecast period of 2023-2028.
Ransomware attacks statistics on the healthcare industry – Infographic
- 70% of malware attacks in 2022 were identified as ransomware, preventing hospitals from accessing critical systems like EHRs, and jeopardising patient care and safety.
- According to the Identity Theft Resource Centre (ITRC), phishing and related ploys are the most common cyberattack vectors, followed by ransomware.
- In the first quarter of 2022, the average ransomware attack payout was $211,259.
- Healthcare data breach statistics for 2022 indicate that ransomware payments decreased by 34% compared to Q4 2021.
- Cerber is the most prevalent ransomware, accounting for 58% of all threats. It seizes files and demands payment for their release.
- Sodinokibi ranks as the second most frequent ransomware, with 16% of attacks.
- VBCrypt, which targets Windows, comes in a close third with 14% of attacks.
- The Anthem Breach impacted nearly 80 million people. Anthem eventually settled for $116 million but did not admit wrongdoing.
- A of respondents think their organisations are susceptible to ransomware attacks.
- Ransomware is the top cybersecurity threat that concerns 60% of the respondents.
- Organisations that suffered from ransomware attacks in the last two years (41% of respondents) experienced an average of three such incidents.


