The healthcare sector has been under increasing attack from cybercriminals with a variety of tactics and motivations. In fact, cyberattacks targeting healthcare providers increased 63 percent in 2016. The increased attention cybercriminals are giving the healthcare space is not surprising. The protected health information and other personally identifiable information (PII) that healthcare practices store about their patients is exactly the type of data that is easily monetized.
Once cybercriminals breach healthcare networks and exfiltrate patient data, it can be sold on the dark web for purposes of identity theft, tax fraud, and more. Similarly, cybercriminals target healthcare providers with ransomware believing they will be more likely to pay to restore the critical – and potentially lifesaving – data that has been locked down.
As a result, healthcare providers are making a concentrated effort to update their cybersecurity protocols, especially in light of recent breaches and cyberattacks such as WannaCry and Petya. They have also stated their intention to increase their cybersecurity personnel by 20 percent or more in 2017. However, while all healthcare providers house equally valuable personal patient information, and are targeted by the same types of attacks, not all of them have the same budget or access to similar cybersecurity resources.
Small to medium-sized healthcare practices are especially vulnerable. They need a cost-effective way to prioritize their cybersecurity protocol because, in addition to protecting patient information, 60 percent of these small businesses had to close their doors in the six months following a cyberattack.
Why are SMB Medical Practices Vulnerable?
There are three main factors that are increasing small medical practices susceptibility to cyberattacks.
- Small to mid-sized businesses across industries tend to fall into the trap of thinking they are too small to be targeted by cybercriminals. Their thinking is often, “Why would criminals target a small local practice over a large healthcare enterprise that serves millions of patients?”
However, this thinking is a mistake. Cybercriminals care less about how big the target is, and more about the data they hold and the time and effort it will take to get their hands on it. Small practices have the same patient information as large ones, just on a smaller scale. Targeting multiple small practices over a single larger provider, which is likely better prepared for a cyber incident, often yields similar results for cybercriminals in terms of salable data, with significantly decreased costs in terms of overhead in order to compromise those systems.
- SMB practices also face the challenge of limited IT resources. There is currently a notable shortage in experienced cybersecurity professionals, which means smaller organizations usually do not have the IT personnel necessary to detect and respond to today’s sophisticated threats in a timely manner, let alone having deployed the sort of enterprise-class security often required to repel such attacks.
- Finally, healthcare providers are increasing the level of care they provide through patient data and communications offered by the Internet of Medical Things (IoMT), While this is good for both physicians and patients, the increased number of third-party devices accessing the network, especially those not designed with security in mind, also means a wider threat landscape for criminals to target. And meshed communications channels with other providers and hospitals not only make providers more vulnerable, they can also represent a weakest link access point to compromise other connected systems.
These three factors become especially dangerous when combined with the opportunistic nature of today’s cyberattacks. When analyzing attacks like Petya and WannaCry, it’s clear that cybercriminals are not spending their resources figuring out creative new ways to infiltrate networks with zero-day threats. Instead, they are taking advantage of known vulnerabilities and exploits for that, while spending their resources in developing more advanced threats with intelligent payloads and advanced evasion techniques.
Limited IT resources combined with a lack of cybersecurity protocols and the adoption of IoMT solutions creates many appealing opportunities for cybercriminals to exploit.
Getting In-Depth Defense at Scale
In a recent survey, 55 percent of SMB respondents said they had experienced a cyberattack in the last year, while only 14 percent said they felt their companies were highly effective at mitigating these risks. As these attacks become more frequent and sophisticated, however, small and medium-sized healthcare practices will be increasingly targeted and breached.
To mitigate these risks, SMB medical practices need to adopt cybersecurity best practices, such as only allowing necessary personnel access to high-risk information, conducting regular data backups, and segmenting their private and guest networks. Additionally, medical practices need to ensure their employees are effectively educated on cybersecurity best practices and common attack vectors. For example, threats such as ransomware are often disseminated through malicious attachments to emails. This knowledge will make employees think twice before opening an attachment from an unknown sender.
However, as threats become more sophisticated, these elements alone will not be enough to secure your network. This is why Fortinet offers Unified Threat Management, providing integrated and automated security to SMB practices at a reasonable scale and price.
More about Connected Unified Threat Management
Fortinet’s advanced Unified Threat Management (UTM) solutions put your practice back in control of its data security through a single integrated portal. UTM organizes your increasingly distributed network infrastructure by providing endpoint protection, wired and wireless connectivity, sandboxing, and more, allowing your network security to grow and scale with your practice as digital transformation technologies, such as IoMT devices, are adopted.
With Fortinet’s UTM solution in place, small to medium-sized medical practices are now able to arm their network with the most up-to-date threat intelligence from around the world, collected by the millions of devices located in small and medium-sized businesses across the globe and then directly shared with UTM devices.
Its real-time threat intelligence and automated response delivers integrated security across your distributed network. Its UTM-integrated services interoperate within a single, automated security system, providing IT teams with a clear, single pane of glass visibility into the network and centralized control over policy orchestration and threat response. Additionally, because each element comes from a single vendor, service and signature updates happen seamlessly and simultaneously, easing the strain on your already overstretched IT team.
The lack of a true cybersecurity culture, the increased adoption of IoMT devices and distributed network systems, and the growing cybersecurity skills gap, combined with the opportunist nature of today’s cyberattacks, have created a perfect storm for SMB healthcare providers. In order to protect patients’ information and your digital business, you need to combine cost-effective and highly effective security tools with cybersecurity best practices at both the IT and employee level. A well-informed staff, combined with a robust and automated cybersecurity and threat intelligence program, scaled to fit the size of your business, will reduce the impact of cyberattacks through early prevention and detection.
Let’s get a conversation going on Twitter! What cybersecurity best practices do you employ?