IBM has called the US healthcare industry a "leaky vessel in a stormy sea" with an increase in insider attacks and the use of ransomware risking patient data more than ever before.
Healthcare-related data is a valuable commodity in underground marketplaces and the consequences of such security breaches can be severe, not just to the patient victims themselves, but to the reputations of healthcare providers.
According to the US Department of Health and Human Services Office for Civil Rights Breach Portal, the healthcare industry experienced a total of 320 data breaches involving unsecured protected health information (PHI) in the United States in 2016, an 18.5 percent increase from the previous year.
It is estimated that each record lost costs providers $355, which is twice the average cost of other industries at $158 per record.
On January 31, IBM Managed Security Services said in a new report that the healthcare industry is more at risk than ever from cyberattackers.
After monitoring one trillion security events per month worldwide, IBM has concluded that roughly 48 percent of attacks against healthcare providers and other industry players today involve cyberattackers gaining access to systems or data by injecting malicious content.
Delivered through phishing campaigns or by duping employees into downloading and executing malicious files, these injections, which include operating system (OS) command injection (Shellshock, for example) and SQL injection, can allow attackers to alter system applications and how they behave, or to tamper with databases.
In total, 19 percent of attackers are able to gain unauthorized access through manipulating these systems. Once access has been granted, nine percent of infiltrators are able to manipulate or corrupt resources, launch remote code execution or cause denial of service disruption.
Ransomware is one of today's top threats against the healthcare industry. When successful, ransomware attacks lock medical systems and attempt to force hospitals to pay up rather than lose access to information including patient records, schedules and communication services.
An IBM survey released last year found that 70 percent of business executives paid up when their companies were victims of ransomware, and over half paid more than $10,000. For hospitals, the ransom demand is weighed against the consequences of losing access to systems, an outage that paralyzes their operations.
In addition, IBM says that hospitals are often victims of insider threats, both malicious and unintentional. The company says that 68 percent of all network-based attacks targeting healthcare systems were carried out by insiders, and almost two-thirds of these attacks were enabled by accident rather than by intent.
"From falling victim to phishing scams to misconfiguring servers to losing laptops, the mistakes and failings of an organization's otherwise loyal insiders can often give attackers a wide-open gateway into its networks," IBM says.
Adding to this minefield of security concerns is the risk of indirect compromise through third parties, such as data breaches at electronic health record (EHR) vendors. In 2015, for example, Indiana medical software company Medical Informatics Engineering experienced a network attack which exposed the private data of 3.9 million patients.
Healthcare providers are in a tight spot. Whether it is the US healthcare system or the UK's National Health Service (NHS), organizations are under pressure not only to lower the consumer cost of treatment but also to modernize and provide digital solutions for professionals and patients.
Successful data breaches cost the industry a fortune, yet industry players may not have the budget required to keep data safe and controlled. To make matters worse, attackers are likely to keep striking these core services, since stolen information is valuable and ransomware infections can be very lucrative.
"We have seen that the healthcare industry is a leaky vessel in a stormy sea. Change and expansion are moving faster than protection and security, and attacks are far outpacing defense. That must change, because the threat is extreme," IBM says.
"Putting it one way, making your healthcare organization compliant and secure can help minimize your risk exposure and reduce the potential impact from all threats. Putting it another way, your inattention to cybersecurity is dangerous to your patients' financial health and physical welfare, even their lives."