Healthcare industry is the bullseye for hackers in 2017

Ransomware is on the rise at hospitals in the U.S. and globally.

bullseye hospital healhcare
Credit: Thinkstock

Healthcare is the most cyber attacked industry according to the 2016 IBM X-Force Cyber Security Intelligence Index. In the same report just a year ago -- when financial services held the top spot -- healthcare wasn’t even in the top six.

The IBM report states that more than 100 million patient records globally were breached last year. Those figures are likely to be much higher when they are tallied for year-end 2016. Statistics from a recent HIPAA Journal mid-year summary of major healthcare data breaches confirms IBM’s findings and states that some of the cyberattacks on healthcare providers and health insurers resulted in staggering amounts of data being stolen.

Attacks on the healthcare sector are up 35 percent year to date vs. this time last year, Cybersecurity Ventures found in its recent 2016 Cybercrime Report.

Heading into 2017, healthcare providers are the bullseye for hackers.

Why are hackers targeting the healthcare sector? A recent Washington Post story says healthcare organizations are juicy targets because they have a vast amount of personal information that can be used for fraud -- contact names, social security numbers, payment and health insurance information, and more. This data is sold by hackers on a black market in the dark web.

Ransomware is plaguing hospitals -- and it poses a special challenge for healthcare IT workers.The locky virus proved that a word doc can shut down computers and cancer treatment equipment at major hospitals -- and demand proportionately higher ransom payments compared with other industries.

In response to the cybercrime epidemic faced by the healthcare industry, some cybersecurity firms are offering innovative new solutions.

Clearwater Compliance recently announced its Cyber Risk Services, a three-year program designed to help healthcare CIOs and CISOs combat cyber-attacks, and work with their boards on strategic cybersecurity initiatives to protect patient records.

Cybercrime is turning some healthcare IT security providers into lucrative acquisition targets.

Imprivata Inc., a publicly traded healthcare IT security firm announced in July that it had agreed to be acquired by private-equity firm Thoma Bravo LLC for roughly $544 million. That price represented a 33% premium over Imprivata’s stock price at the time. The acquisition was completed last month.

Healthcare security executives appear to have less understanding of the threats facing their organizations than executives in other industries, according to a 2016 White Paper from Cisco. That needs to change in 2017.

To comment on this article and other CSO content, visit our Facebook page or our Twitter stream.
Insider: Hacking the elections: myths and realities
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.