Top 10 cybersecurity risks for the healthcare sector in 2024.

Healthcare organizations have been on their toes throughout the year with unwanted surprises. Among sectors like Education and Military, healthcare has made it to the top industry, with the highest number of cyber-attacks, more than 1684 attacks per week in Q1 of 2023 alone.

Why is it so? It is because we live in an era where everything is digitally connected. We live in a digital era where there is highly interconnected data.  Health data like exercise or diet-specific data is on a centralized platform accessible by health experts. The expert would then use the insights derived from that data to come to recommendations for us and whether we need medical attention or just a routine checkup. 

For storing, managing, and analyzing data, healthcare organizations use healthcare information systems that store large chunks of sensitive patient data.  The healthcare sector has become a goldmine for cybercriminals targeting health data assets further or used for orchestrating another cyber-attack. 

Cybercriminals target healthcare organizations because health forms a critical service disruption that can cause increased risk to the lives of many people who are dependent on it. We have seen some of the most eye-opening attacks on healthcare this year, including the most recent attack on Ardent Healthcare service that caused thousands of patients across five states to relocate.  

Ardent is among the many healthcare organizations targeted throughout the year by cybercriminals.  There were around 300 data breaches in the first half of 2023 in the healthcare sector.   

Let us have a glimpse of some of the most shocking cyber-attacks this year on healthcare organizations: 

• Welltok Inc. Data breach caused by the exploitation of a vulnerability in MOVEit Transfer server – 8.5 million individuals affected  
• Data breach of Fortra GoAnywhere file transfer software that caused a compromise of over 5 million patient records   
• HCA Healthcare – around 11 million patients in the U.S. across 20 states.   
• Regal Medical Group data breach – 3 300 636 patients affected   

Top 10 cyber risks for healthcare organizations in 2024 

Healthcare organizations become exposed to cyber risks due to the quick adoption of technology and digital transformation due to the increasing competition and the need to create new experiences. For example, some healthcare organizations offer health sensors to their customers that may collect all the relevant patient data and gain insights into their health based on their activity and lifestyle.   

It can be used to provide better and more customized care to their patients. However, since most of these Internet-of-Things-based devices are new and have almost negligible measures for security, they become susceptible to cyber risks. Healthcare organizations also rely on healthcare information systems that are interconnected. These systems store, control, and manage healthcare-specific data.   

Therefore, cybercriminals also look to exploit vulnerabilities in the software, like the MOVEit exploitation-based attack on Welltok that caused the exposure of data of more than 8.5 million patients associated with it. As we close to 2024, we look at some of the potential cyber risks that might affect the healthcare sector:   

1. AI based risks 

As cutting-edge technology such as AI integrates with healthcare systems to render efficiency across some healthcare operations, cybercriminals continue to look for ways to exploit the security weaknesses in the AI algorithms and seek to leverage security vulnerabilities to orchestrate a full-blown cyber-attack. Once accessed, cybercriminals can steal, alter, or erase all the patient data, creating a massive distrust and rendering them unreliable for doctors with false diagnoses. They may even cause harm to the lives of patients by causing devices to malfunction, causing transmission of false patient-specific data that is critical for medical experts.   

2. Ransomware-as-a-service 

2023 saw a high number of cyber-attacks that were either data breaches or ransomware attacks, and next year isn’t going to be any different. Cybercriminals target healthcare information systems in big organizations and bypass their security to lock and encrypt all their sensitive patient data. It not only causes loss of patient-specific sensitive data but also disrupts healthcare operations, affecting the lives of patients depending on it. It may also be a geopolitically sponsored attack to disrupt essential services of the country causing chaos.  

Nowadays, even an amateur attacker may avail ransomware-as-a-service from the dark web which is based on the idea of software as a service. It involves a ransomware developer selling ransomware to affiliates who pay them a share of the ransom they get from their victims.   

3. IoT attack 

2024 will see a high adoption of IoT by healthcare organizations. As healthcare organizations integrate IoT-based medical devices into their operational infrastructure, they find themselves highly exposed to cyber risks. This is mainly because IoT devices don’t have additional layers of security or any standards of security. Another probable risk factor is that they are often hardcoded with weak passwords. Upon exploiting IoT devices, cybercriminals can laterally move through the exploration of weaknesses in the network through initial IoT device exploitation or engage in the creation of an IoT botnet to engage in far more serious cyber-attacks.  

4. Telemedicine (pharmaceuticals, medical equipment, and other supplies) and telemedicine security 

Telemedicine or virtual patient care has emerged as a new way to render healthcare to patients remotely.  The platforms that are used to render telemedicine services often are laden with vulnerabilities because of a lack of periodical assessment of their security. Cybercriminals may exploit such vulnerabilities to orchestrate a data breach targeting highly confidential patient data that can be sold for a high price on the dark web. It is predicted that the coming year will see a spike in attacks on healthcare that are based on the exploitation of security vulnerabilities in the telemedicine platform.   

5. Increase in geopolitical/state-sponsored attacks targeting critical infrastructure 

There will be a rise in state-sponsored cyber-attacks that will be targeted towards healthcare organizations since they form a part of the critical infrastructure. Increasing geopolitical tensions mean ransomware gangs will continue to target public healthcare organizations, especially in countries that have the most continuous cyber warfare. There has been a 5% increase in the number of ransomware attacks on healthcare organizations since 2023 despite their implementation of cybersecurity measures.  

6. Data privacy regulations 

As cybersecurity threats keep evolving, continuing to target healthcare organizations at large, regulatory bodies that govern the healthcare industry such as the Health Insurance Portability and Accountability Act will keep updating the guidelines and recommendations that are to be implemented by subject organizations.   

Therefore, healthcare organizations will be under increased pressure to comply with the regulations that are recommended by the regulatory bodies in fear of paying heavy fines. What makes it challenging for them is that they often have a limited team that can help them navigate through compliance management through the identification and implementation of best practices in cybersecurity.  

7. Supply chain attack 

As healthcare organizations attempt to make their supply chain operations more efficient, they deploy supply chain management systems that help them monitor and act in time with insights on supply chain operations.  However, when left unassessed, these supply chain management systems may have security vulnerabilities that could be exploited by cybercriminals to infiltrate the defenses of a healthcare organization. Over 63% of the healthcare organizations surveyed strongly believe that they are more likely to face a supply chain attack.   

8. Cybersecurity workforce shortage 

According to a recent research report, the cybersecurity skills gap is a cause of concern for 68% of organizations. Last year there were over 3.5 million open positions in cybersecurity in 2023. 

The widening cybersecurity skills gap will not only disable healthcare organizations from identifying the measures they need to implement for optimal cybersecurity posture against the cyber threats of the healthcare industry but also take tailored enterprise-specific measures for compliance. Healthcare organizations would face a greater threat due to major health organizations not having awareness of cybersecurity best practices. 

9. Insider threats and social engineering 

Humans remain one of the highly exploited vectors and this isn’t going to change in 2024. Cybercriminals count on the fact that there is a gap in human awareness of cybersecurity and deploy social engineering methods to trick workers into giving away their sensitive information that may contain credentials. There is also a high risk of threats caused by members of the organization that went rogue. What makes insider threats dangerous is that the threat actors already possess knowledge of the systems and have the access and permissions they need to orchestrate any attack.  As per a recent report, 48% of all breaches in healthcare are caused by insider threats. 

10. DDoS attacks 

Since healthcare is a part of critical services, disruption of which may cause a wide-scale chaos, cyber criminals specifically state-sponsored cyber attackers leverage this fact and target healthcare organizations due to a political motive.  DDoS attacks are on the rise since they are for the sole objective of causing operational disruption. Last month (November), there was a massive operational disruption in public healthcare institutions in Singapore due to a DDoS attack. There was a total of around 90 DDoS attacks across the United States in 2023. It tells us that there is a high possibility of increased risk of DDoS attacks disrupting healthcare operations worldwide in the coming year.