Cyber Threats and Mitigation Strategies for the Healthcare Sector
The Australian healthcare sector will need to take urgent steps to counter the growing threat of cyber-attacks, which are growing in number and sophistication. Healthcare players can no longer afford to delay taking decisive steps to protect themselves. These steps include leadership augmentation, increased budgets and policy enhancements, amongst others. The time to act is now.
Current cyber threat trends in healthcare
Cyber threat actors generally find the healthcare sector as an attractive target because:
Fig 1: Why it makes sense for cyber threat actors to attack Healthcare
Fragile Cyber Security In Healthcare In Australia:
Last year was a highly active year for cyber threat actors who operate within the health sector. In the US, healthcare breaches increased 55.1% in 2020 with hacking and IT incidents representing 67.3% of compromises2.
The Office of the Australian Information Commissioner (OAIC) noted that health was the highest reporting sector (22%) with 518 notified breaches3. During the 2020 reporting period, the Australian Cyber Security Centre (ACSC) experienced an 84.4% increase in the number of security incident reports relating to the health sector4.
Although we have seen numerous attacks targeting vaccine developers and sensitive personal information, the most disruptive and growing threat for the health sector is “ransomware”.
Ransomware is a type of malicious software designed to block access to a computer system (via encryption) until a sum of money is paid. In August 2020, the ACSC released an advisory of ransomware campaigns targeting aged care and health care sectors after a spate of high profile publicly disclosed breaches disrupted operations at these providers5.
We anticipate a continued threat of ransomware attacks in the health sector in 2021 albeit with a few changes to their tactics and techniques.
Double Extortion: Steal Data
Recently, we found ransomware operators exfiltrating sensitive data before they started disabling victim systems. The threat actors then threaten the disclosure of this sensitive data in an attempt to coerce victims to pay the ransom in what is now referred as “double extortion” schemes6.
Inherent cyber challenges in the healthcare sector
The health sector has several inherent challenges to improve their cyber maturity to a level that is commensurate to the threats faced. These challenges include:
Boards are generally not comfortable with unmitigated issues that pose a medium to high risk. Even with the right investment and control environment in place at a point in time, this will require active management and continued investment as the cyber threat environment keeps evolving along with the business.
The threats posed require the healthcare sector to prioritize cyber security as an enterprise issue and have the right leadership with adequate resources in place. These inherent challenges also require organizations to think outside the box to effectively manage cyber threats while being a business enabler.
Mitigation strategies to consider
Our significant global experience managing healthcare environments and responding to cyber threats gives us the confidence to present to you a summary of mitigation strategies to consider:
APJ Cyber Consulting Partner – APMEA, Wipro
Ganesha has over 17 years of cyber consulting experience across industry sectors in the Asia Pacific region. He has previously served as the Asia Pacific Chief Information Security Officer (CISO) for a multinational pharmaceutical organisation in Australia and held leadership roles at EY and PwC Australia’s cyber practices. His expertise in strategy, risk management and incident response help clients develop cyber resilient strategies that drive business outcomes while managing risks within their risk appetite.