In 2018 we will see a lot of cybercriminals targeting IoT along with smaller healthcare providers. Ransomware breaches in healthcare jumped up to 89 percent in 2017, compared to the year before. In 2017 a new study performed by Cryptonite predicts that 2018 won’t be any easier. Attackers have increasingly set their sites on smaller providers and the myriad of connected IoT (Internet of Things) across healthcare.
In 2017, there were approximately 140 hacking related data breaches that were reported to HHS and the OCR. This is almost a 25% increase over the 113 reported in 2016. Sadly the trend is up, not down. Cybercriminals are constantly perfecting their craft and honing in on what they consider a vulnerability in your practice.
Targeting Smaller Practices
In the past, criminals have focused on the large healthcare networks, like Anthem, Hospitals and Banner Health. They now consider smaller medical practices and healthcare organizations as “low hanging fruit”. Attackers have increasingly turned their attention to a much broader mix of healthcare providers. Part of the reasons is that the ransomware tools have improved so the hackers find it much more affordable for them, to target physician practices, surgery centers, diagnostic laboratories, and many other smaller healthcare institutions.
The IoT devices in Healthcare also represent new and expanding opportunities for criminals. the IoT devices are no w nearly ubiquitous in healthcare and widely deployed in intensive care facilities, operating rooms and patient care networks. Think about it. What do you have in your practice? How about your home? IoT is everywhere.
Of course cybercriminals are after medical records for 2 reasons. One, is to sell the valuable record on the dark web, and two is to extort ransom payments. Remember, the medical record can be worth up to 5 times more than a generic record. Drug seekers, fraudulent insurance claims, and money are the top reasons these records are valuable.
If you would like more information on how to protect your network, contact Tier3MD and inquire about their full cybersecurity suite.