With the new year rapidly approaching and the global pandemic continuing, what can we expect for 2022 for security in the healthcare sector?
The last two years have been filled with uncertainty due to the unpredictable effects of the Covid-19 pandemic. But, as 2021 comes to an end, what potential trends in the security industry can we identify for next year?
“It’s been a long couple of years for the healthcare industry. In the age of connectivity, the once unthreatened industry has become among the most vulnerable and targeted by hackers,” said Azi Cohen, CEO of CyberMDX. “Covid forced the accelerated integration of many connected systems. While necessary, the decisions to keep up with the demand for services often overlooked or did not address cybersecurity concerns. Over the next 12 months we can expect to see the continued fallout from those hard decisions, but also hopefully a new respect and acknowledgement for the value that security brings to the healthcare industry.”
Maria Namestnikova, Head of Global Research & Analysis, Kaspersky describes how “the beginning of the mass vaccination campaign also led to many fraudulent scams. After the first vaccines appeared on the Internet – and especially dark web forums – a busy trade in vaccines began online, with no one being able to verify the authenticity of the vaccines being sold. Nevertheless, these scammers found buyers wishing to obtain vaccines as quickly as possible. Later, offers for fake vaccination certificates and various QR codes appeared, which were bought by users who wanted to evade the restrictions imposed on those who were unvaccinated.
“Our prediction that hacking attacks against vaccine developers would ramp up did not come true. The main instances of these attacks occurred at the end of 2020. Most vaccines appeared on the market shortly afterwards and, by all appearances, it seemed as if it was no longer necessary or worthwhile to meddle in the process of their development or to steal confidential information.
“Ransomware groups continued to attack medical organisations. In September, new research was published indicating that the type of attacks has led to an increase in patient mortality, as well as delayed test results, and delays in providing treatment and discharging patients from hospitals. In fact, in the fall, a story of a death caused, not in a statistical sense but rather directly, by a ransomware attack on a medical institution caught the media’s attention. As a result of a ransomware attack, an infant in a US hospital died after the doctors could not provide adequate treatment due to frozen computers. Unfortunately, despite the best efforts by medical institutions and information security companies, the healthcare industry remains one insufficiently protected and vulnerable to attacks of this kind.”
So, what are some of the biggest predictions for 2022 for the healthcare sector and what security measures can we put in place to prevent these threats?
Shifting attacker strategy
Cyberattacks on healthcare providers will become more targeted and sophisticated. Bad actors will use what they’ve learned during the pandemic attack surge to shift from a “spray and pray” model to a “bait and prey” strategy where there is more up-front profiling and analysis of a hospital’s weaknesses, vulnerabilities and potential payouts.
Hospital boards demand security
With the record number of attacks over the past two years still trending up, hospital boards will push CEOs, CIOs and CISOs to reduce risk. Boards will focus on closing the largest and most likely threat vectors to reduce the likelihood of successful attacks, but will also demand new protocols be put in place to cut recovery times from weeks and months down to days or even hours to limit the losses from network and device downtime.
To read the full article see our latest issue here: December/January 2022 Single Issue – (securitybuyer.com)