How to Reduce Cyber Attacks in the Healthcare Industry?

The prevalence of the Internet and the openness of the Internet has made cyber attacks progressively less expensive. As cyberattack techniques and attack tools continue to upgrade, cybercriminals are using more advanced techniques to arm attack tools, making them more difficult to detect. This increases the difficulty of detecting attack tools using features. This has led to more and more cybersecurity incidents, and the medical industry is gradually becoming a "hardest hit" area for cybersecurity.

As COVID-2019 spreads around the world, various cybersecurity attacks against the healthcare industry are intensifying. Unlike other critical information infrastructure industries, the health care system is more related to the safety of people's lives. Because of the special nature of the healthcare industry, they have become the focus of attackers' attention in order to obtain higher extortion amounts. Common attacks on the healthcare industry include ransomware, APT attacks, exploits, etc. In addition, hospital insiders are often a significant source of information leakage.

CEO Dan L. Dodson says more than 40 million patient records will be compromised in 2021 alone, according to a new report from Fortified Health Security. And in 2022, healthcare data breaches will remain the most costly of all industries. The average cost of recovery is more than $9.23 million. Statistically, the percentage of healthcare breaches attributed to malicious activity rose by more than 5 percentage points in the first six months of 2022. This represents nearly 80 percent of all reported incidents.

In terms of the number of records affected, the 2022 figure is down about 40 percent from 2021, which was a record year with 714 breaches affecting nearly 50 million patient records. However, the number of records affected is up 138 percent compared to the first half of 2020 breaches. More than 19 million records have been affected so far this year. In terms of records affected, 2015 was the most notorious year. There were more than 112 million affected records. 80% of those were caused by a breach of nearly 90 million records in Anthem and Premera Blue Cross.

We hope we don't see a repeat of a situation such as the one in 2015. Although many organizations have strengthened their defenses in the wake of 2015. However, attacks continue to evolve, so these measures will not be enough in the future. To reduce the probability of cybersecurity attacks, cybersecurity building in the healthcare industry should be taken seriously. At the national level, measures should be taken to promote the introduction of health care-related policies, regulations and standards. For hospitals, they should strengthen network security awareness training for health care workers and clarify the authority management of internal staff.