Why Is The Healthcare Sector A Top Target For Cyberattacks?
The healthcare sector has seen an alarming rise in the number of cyberattacks over the past few years, causing serious disruption to patient services, financial losses and an erosion of public trust. Here’s a look at why the sector is a growing target for cybercriminals, and how IT support for healthcare is part of the solution.
Access to sensitive personal data
Healthcare organisations have to store high volumes of sensitive data, including medical records and other documents with personal details. Criminals target these records in order to sell them on the black market or carry out identity theft. This can enable fraudulent financial transactions with a low risk of early detection.
Outdated IT systems
One of the biggest contributory factors to last summer’s large-scale cyberattack on NHS services was identified as outdated IT systems, which may not be compatible with the provider’s latest security updates. This means that there may be easily identifiable weaknesses that can be exploited by cybercriminals.
On 3 June 2024, a Russia-based hacking group named Qilin launched a ransomware attack on Synnovis, a pathology service for several major London NHS hospitals. According to BBC News, this led to the postponement of almost 5,000 acute outpatient appointments and 1,391 operations.
Qilin demanded a ransom of £40m, which was not paid, leading to the publication of sensitive patient data on the dark web. The group has targeted other healthcare systems around the world.
Prof Ciaran Martin, the founding CEO of the UK’s National Cyber Security Centre (NCSC), told the BBC: “I was horrified, but not completely surprised. Ransomware attacks on healthcare are a major global problem.”
He added: “In parts of the NHS estate, it’s quite clear that some of the IT is out of date.” He also emphasised the importance of basic security practices, stating: “Those little things make the point of entry quite a lot harder for the thugs to get in.” These include implementing security patches, being vigilant for phishing emails and regularly changing passwords.
The high price of not paying ransoms
Cybercriminals also exploit the critical nature of healthcare services, where disruption leads not only to financial losses but also to potential harm to patients and even the loss of life. This means the organisation may be more likely to give in to demands for ransoms.
How IT support services can help to mitigate the threat
The threat of cyberattacks is only going to grow more severe in the future, and the government has now announced a funding package to upgrade the NHS’s outdated IT infrastructure. Here’s how a managed service can help.
Proactive cybersecurity measures
An IT support service will be able to implement tailored cybersecurity solutions, including advanced threat detection tools and endpoint protection. Other measures may include introducing automated patches and updates, alongside proactive monitoring to detect potential threats and vulnerabilities before they escalate.
Zero trust framework
The IT experts will adopt a ‘zero trust’ approach for robust cybersecurity. This means implementing stronger identity verification, such as two-factor authentication for access to all devices. They may also place strict controls on who can access the most sensitive data to reduce the risk from malicious insiders.
Educating staff
Sometimes, cybercriminals exploit basic flaws such as weak passwords or a lack of awareness about email protocol. An IT service provider can help to educate staff on basic security measures.
Developing an incident response plan
Should the worst happen, the IT support team will have an effective plan that can be swiftly rolled out to mitigate the damage. This may include off-site backup data storage, a clear chain of command, and a dedicated response unit that will carry out simulated attacks to test the effectiveness of the plan.
Specialist knowledge
One of the consequences of the NHS running on legacy systems, sometimes decades old, is that there is no centralised IT infrastructure. The systems are very fragmented, which leads to further security vulnerabilities and also makes implementing new technologies very complex and challenging.
Specialist IT providers have years of experience in dealing with complex IT projects, and can bring their knowledge and expertise to the upgrades to assist in-house teams or take over certain areas of the project.