The National Cyber Security Centre defended the health care sector from 723 cyber attacks between September 2019 and August 2020, an increase of 10% on the previous year. Around 200 of these were related to COVID-19.
Research recently published by UK based information security company, Clearswift revealed that 67% of healthcare organizations in the UK have suffered a cybersecurity incident over the last 12 months. The research also revealed:
The threats posed by General Data Protection Regulation (GDPR) Breaches
The wealth of sensitive data that healthcare providers possess makes them an attractive target for cybercriminals looking to make money from ransom payments or fraud. Frighteningly, there are even more reasons for cyber criminals to attack the healthcare sector. These include:
Hospitals store a large amount of confidential patient data which if sold on, can generate a lot of profit for cyber criminals.
Medical devices are an easy entry point for attackers as they are naturally not mind with cyber security in mind. Although the devices don't hold personal data they are key to the functionality of a hospital and if they were taken offline, they would still cause huge disruption.
Human error and remote data access together can be a huge risk for healthcare providers. Often, information and data needs to be accessed by individuals working remotely from different devices. If those devices are compromised and are connected to the network, this leaves a door open for other devices to also be compromised.
Whilst medical professionals are educated in their fields, they are not always trained on cyber security. Adhering to simple cyber security basics like multi-factor authentication are a good starting place as they don't require individuals to know anything more than their own login credentials.
How can we help your business, follow these steps to become more cyber resilient:
Sign up to membership via www.secrc.co.uk/membership