It is a well-known fact that healthcare is a lucrative target for cybercriminals. It is more susceptible to disruption because most healthcare devices were not connected to the internet until quite recently, so their developers have not made the same security investments that other industries were required to make. It is also due to the large amount of sensitive data that healthcare entities maintain for patient care and operations.
Since the beginning of the pandemic, Health Delivery Organizations (HDOs) have become even more attractive, profit-wise, as targets for cybercriminals. This is primarily because healthcare providers cannot, under any circumstances, allow their operations to be paralyzed. Many HDOs focus on modernizing their equipment but still rely on legacy medical devices whose patching and security models are outdated.
The FBI issued a report earlier in 2022 offering recommendations to address several cybersecurity vulnerabilities in active medical devices, specifically those stemming from outdated software and the lack of security features in legacy devices. In the worst-case scenario, exploitation of these vulnerabilities could impact healthcare facility operations, patient safety, data confidentiality and data integrity.
The medical field is under pressure. In the case of ransomware attacks, for example, the payment of a considerable amount is almost inevitable. It is worth noting that an individual's personally identifiable information (social security, driver's license, medical records, etc.) is valued up to ten times higher on the dark web than a single piece of information obtained through a common data breach.
These cyberattacks against medical institutions are more devastating than we think. For example, in 2020, a significant incident occurred in Germany where an unidentified woman was turned away from Düsseldorf University Hospital because a ransomware attack hampered its operating ability. The woman was rushed to a hospital about 20 miles away, resulting in a one-hour treatment delay with fatal consequences.
Similarly, in 2019, insulin pumps from a leading Medical Device Manufacturer (MDM) were urgently recalled. They contained a cybersecurity vulnerability that, if exploited, could have granted unauthorized access to control the pumps. Threat actors could also have used this vulnerability as a springboard to penetrate deeper into an HDO's communications network.