Healthcare Industry Must Recognize the Myths of Cybercrime
January 8, 2024
An article in The Hacker News discusses increasing cyber threats to the healthcare industry due to the premium that electronic health records fetch on the dark web. A single user’s data can sell for as much as $1,000.
It is also true that healthcare businesses make fat targets. Many suffer from understaffing and a lack of cybersecurity expertise, and the necessity of maintaining patient care means they’ll pay when they’re extorted.
The healthcare industry has faced the highest average costs per breach for 12 years, surpassing all other sectors.
The article discusses the evolving landscape of cybercrime and emphasizes the commodification of ransomware as a business. Cybercriminals exploit human errors and look for leaked secrets on platforms like GitHub.
Nevertheless, there are countermeasures that the health industry can employ. Adopting the attacker’s mindset is one. It yields a cost-benefit calculus, thus identifying which assets they might target and their likely methods of attack.
The article suggests focusing on asset inventory and viewing systems from the attacker’s perspective. This turns the tables on attackers by anticipating and preemptively counteracting threats.
Continuous vigilance is a must, including monitoring GitHub and integrating “honeytokens” into the security strategy. Honeytokens are decoys that can lure and detect unauthorized access.
The fact that honeytokens work underlines an important truth; threats and threat actors haven’t necessarily become more sophisticated; rather, the attack surface – the range of potential points of vulnerability – has expanded.
Technology is evolving and so is the nature of cybersecurity threats. The healthcare industry needs to implement the latest security technologies and foster a culture of security awareness among all staff members.
Critical intelligence for general counsel
Stay on top of the latest news, solutions and best practices by reading Daily Updates from Today's General Counsel.
Daily Updates
Sign up for our free daily newsletter for the latest news and business legal developments.