Topics
More on Medical Devices

Number of cybersecurity attacks increases during COVID-19 crisis

Hackers are taking advantage of provider distraction to breach health systems.

The Department of Health and Human Services has reported an increase in cybersecurity breaches in hospitals and healthcare providers' networks which may be due to COVID-19.

Between the months of February and May of this year, there have been 132 reported breaches, according to the HHS. This is an almost 50% increase in reported breaches during the same time last year.

The increase in hacking could be attributed to the COVID-19 pandemic, according to Natali Tshuva, CEO and cofounder of Sternum, an IoT cybersecurity company that provides medical device manufacturers with built-in security solutions.

"The healthcare industry has, in the past few years, been one of the most targeted industries for cybercriminals," she said. "So it's only natural that at a time of crisis, we are seeing more and more attacks on the healthcare industry."

Gaining control through patients' medical devices has become a common technique for hacking during the pandemic because more people are using remote care, according to Tshuva. These devices don't usually come with built-in security systems, so they have become prime targets for hackers. Once a hacker has gained control of a remote device, they can access the hospital's network.

Also, the temporary medical facilities being used and built to care for COVID-19 patients has created more weak spots.

"When you do things that fast, it's very hard to create the correct type of infrastructure to protect your network and protect your devices," Tshuva said.

Hackers find vulnerabilities in a system in a number of ways. They can gain access to a network through phishing emails that target an organization's employees, by hacking into patients' remote medical devices or by going into a medical facility and finding vulnerable devices within the hospital.

WHAT'S THE IMPACT?

Hackers are taking advantage of a healthcare industry focused on COVID-19.

"Hackers know that the healthcare industry is a mess right now in terms of cybersecurity and this gives them even more motivation to create more and more attacks," Tshuva said.

After a network has been compromised, the hacker's purpose is revealed.

The main motive for hacking into a hospital is financial gain. Hackers make money by selling patients' protected health information or by holding the network for ransom for upwards of millions of dollars.

Tshuva promotes medical devices with built-in security, since this can prevent breaches in real time, while alerting hospitals that their network has been compromised.

"This can also help temporary hospitals because the devices already have built-in protection, so then all you need is better network protection," Tshuva said.

THE LARGER TREND

In an attempt to curb future security breaches, NATO condemned these hackings in a statement released Wednesday.

"These deplorable activities and attacks endanger the lives of our citizens at a time when these critical sectors are needed most, and jeopardize our ability to overcome the pandemic as quickly as possible," NATO said.

In addition to their objection to the attacks, NATO also said that it is ready to take action.

"Reaffirming NATO's defensive mandate, we are determined to employ the full range of capabilities, including cyber, to deter, defend against and counter the full spectrum of cyber threats," NATO said.

ON THE RECORD

"It's best to think about security in advance because when you are in the middle of a crisis, it's very hard to go back and implement security," Tshuva said. "The best advice is to think about it as soon as possible and not only after you have a breach."

Twitter: @HackettMallory
Email the writer: mhackett@himss.org

Security in the COVID-19 Era

This month we look at how the COVID-19 pandemic is fundamentally changing healthcare organizations' approaches to security, now and in the future.