Home Science & Technology Healthcare cyberattacks are more likely to have financial consequences

Healthcare cyberattacks are more likely to have financial consequences

21
0


Netwrix announced additional findings for the healthcare sector in its 2022 Global Cloud Security Report, revealing that 61% of respondents in health care industry has suffered a cyberattack on its cloud infrastructure in the past 12 months, compared to 53% for other verticals. Phishing was the most common type of attack reported.

“The healthcare sector is a lucrative target for attackers because the chances of success are higher. The first two years of pandemic exhausted the industry. Because patient health is a top priority for these organizations, IT security resources are often overstretched and focused on maintaining only the most essential functions,” comments Dirk Schradervice president of security research Netwrix.

“Furthermore, the high value of the data gives cybercriminals better opportunities for financial gain: they can either sell stolen confidential medical information on the dark web or demand ransoms to ‘unfreeze’ medical systems used to keep patients alive.”

An attack in healthcare is likely to have financial consequences. 32% of respondents from other industries report that the attack did not affect their business, while only 14% of healthcare organizations say the same. Unplanned costs to address security gaps and compliance penalties are the most common types of damage the healthcare sector faces due to a cyberattack.

“Health care organizations plan to increase the share of their workload in the cloud from 38% to 54% by the end of 2023. Rapid adoption of the cloud must follow appropriate security measures and a special focus on Internet of Things (IoT) devices and systems; for example, failure of respirators or IV equipment can result in physical harm to patients,” Schrader adds.

“Network segmentation will help prevent a single compromised device from affecting the entire system. IT teams must also strictly limit who – people and machines – can access which data and systems according to the principle of least privilege, and regularly review and configure access rights.’

Previous articleWant to help researchers understand fireflies?
Next articleOpinion: The public needs exclusive listings