Recent Cybersecurity Issues and Attacks in Healthcare

From Phishing to Malicious Software, Discover the Techniques Hackers Use

February 25, 2021
A man in a dimly-lit room stares into the monitor on his desk. The computer screen has a map and green code and a red warning.
Cyber attacks on healthcare organizations continue to rise, as hackers prey on weak healthcare cybersecurity.

The number of cybersecurity in healthcare incidents that threaten the confidentiality, integrity and availability of HIPAA protected health information continues to rise. This is in part due to the continued adoption of new and advanced technology in the healthcare sector. At the same time, healthcare cybersecurity professionals are also having to deal with sophisticated tools and techniques used to exploit vulnerabilities, attack healthcare systems and gain unauthorized access to data.

Types of healthcare and hospital cyber attacks

Weak health cybersecurity falls under three categories: people, tech and policy. This includes outdated software, legacy operating systems, configuration vulnerabilities and insider threats. Software could be poorly designed. Healthcare organizations could lack explicitly written security policies. Incident response and recovery plans could be inadequately implemented. Security technologies such as firewalls could be weakly configured. Personnel such as doctors and nurses could be poorly trained.

Health cybersecurity weaknesses put organizations and patients alike at risk to cyber threats and hospital cyberattacks such as these:

  • Phishing attacks. Phishing is a type of social engineering attack. Someone posing as a trusted entity tricks an employee into opening a message or email and clicking a malicious link. Oftentimes, the goal is to steal health information. The best defense against this is well-trained staff who can spot a phishing attempt. The FBI, Department of Health and Human Services and Cybersecurity and Infrastructure Security Agency recently warned healthcare providers that phishing attacks are an “imminent and increased cybercrime threat.”
  • Data breaches. Data breaches occur when healthcare information, especially HIPAA protected health information, is accessed without authorization. Between 2009 and 2020, more than 3,700 reported healthcare data breaches of 500 or more records impacted nearly 270 million healthcare records, according to the HIPAA Journal. This represents over 80% of the U.S. population.
  • Malicious software (malware) and hospital ransomware attacks. Malware is designed to damage individual computers, one or more servers or entire hospital networks. Hospital ransomware attacks lock up networks and make them unusable. This could include critical medical devices such as radiation or dialysis machines. If healthcare systems aren’t probably backed up, organizations have to pay a lot of money to get their systems back online. Reported hospital ransomware attacks declined in the middle of 2020, but a new wave of these cyberattacks hit the healthcare sector in the fall of 2020.
  • Denial of service (DoS) attacks. DoS attacks try to shut down the operations of a machine, network or system by consuming all available network or system resources and overloading it with excess requests. These types of cyberattacks impact anything from a website to a medical service. The result is typically a slowdown or server crash. A coordinated effort from multiple sources is known as a distributed denial of service (DDoS) cyberattack.

Examples of healthcare and hospital cyber attacks

Healthcare organizations continue to be big targets for cyberattackers, who have committed numerous high-profile incidents in the past year. These are just a few of the cybercrimes that have recently hit the healthcare sector.

  • Phishing attack on Magellan Health. In May 2020, hackers impersonated a client of Magellan Health and gained access to the hospital’s network, including Merit Health Plan, UF Health and the University of Florida Health. Impacting more than 365,000 patients, the hackers withdrew data from a single corporate server then deployed ransomware.
  • Data breach on Dental Care Alliance. From September to October of 2020, hackers gained access to the network of third-party vendor Dental Care Alliance, which includes 320 affiliated practices across 20 states. The data breach impacted about 1 million patients whose HIPAA protected health information and payment card numbers were stolen. About 10% of those patients had bank account numbers stolen.
  • Ransomware attack on Blackbaud. Between February and May 2020, a hospital ransomware attack hit Blackbaud, a company that stores donor information for health systems, among other organizations. The cyberattack affected more than 46 hospitals and health systems, as well as their patients. The breach exposed HIPAA protected health information of millions of individuals, including Social Security numbers, and led to at least 10 different lawsuits.
  • DDoS attack on U.S. Department of Health and Human Services (HHS). In March 2020, cyberattackers increased pressure on HHS through a DDoS attack in an attempt to impact the coronavirus pandemic response through disruption and disinformation. Officials claim the cyberattack was unsuccessful and no networks or data records were affected.

Current trends impacting cybersecurity in healthcare

The global coronavirus pandemic has deeply impacted the healthcare sector, from the way healthcare is delivered to how healthcare information is kept safe. Health and medical cybersecurity efforts have had to ramp up to meet the rapidly growing demand for technology in healthcare delivery. This includes telemedicine, mobile service applications and videoconferencing. Remote working, in particular, is making the job of managing access control more difficult for cybersecurity in healthcare teams. Access control is a key safeguard of the HIPAA Security Rule.

Federal regulations in healthcare, namely HIPAA, have also evolved due to the coronavirus pandemic. The Department of Health and Human Services issued a limited waiver of HIPAA sanctions, and the Office for Civil Rights lifted certain HIPAA penalties to allow more platforms that weren’t considered HIPAA-compliant to be used during the outbreak. These regulatory issues present new opportunities, as well as challenges, to cybersecurity in healthcare.

Learn how to mitigate hospital cyberattacks and threats

Touro’s online certificate in healthcare cybersecurity covers some of the most pressing issues in healthcare technology today, including:

  • Network security and survivability and the types of cyber threats that threaten them
  • The impact of Internet of Things (IoT) devices on the healthcare sector and cybersecurity
  • Understanding the Health Insurance Portability and Accountability Act (HIPAA) and how HIPAA affects healthcare cybersecurity
  • Enterprise health clouds and how to secure them
  • Security, privacy, legal and ethical issues related to protecting health information

In six courses, you get a broad perspective on cybersecurity in healthcare. For example, the Incident Response and Recovery course looks at how healthcare organizations can best protect themselves from hospital ransomware attacks and other cyber threats. In this course, you’ll gain hands-on experience using advanced strategies, tools and techniques such as the development and implementation of operational procedures and an effective incident response and recovery plan. This and other program coursework help you develop technical skills in incident response team development and management, evidence handling and other vital areas in medical and health cybersecurity.

Find out more about how Touro’s cybersecurity in healthcare online certificate program can prepare you for an exciting, transformative career in healthcare cybersecurity.