Several high-profile cyberattacks during 2021 served as reminders of the cyber threats facing the healthcare industry. As the COVID-19 pandemic becomes endemic, what do the coming months have in store? This article takes a look at healthcare cybersecurity in 2022 by focusing on key risks and predictions.
Here are five predictions for healthcare in cybersecurity in 2022 based on the current threat landscape.
Expanded Network Perimeter Creating New Threats
During a trying time for healthcare over the last two years, there were also opportunities for much-needed evolutions. As hospitals and primary care physicians became swamped with COVID patients, telehealth and remote patient monitoring started to prove their much-touted benefits. The use of remote patient monitoring platforms eased the burden on staff while not compromising the quality of care people received.
It appears likely that these technological advancements and platforms will remain a fundamental part of how healthcare providers operate. However, it’s important to point out the potential increased cybersecurity risks associated with telehealth and remote patient monitoring platforms.
The key risk is an expanded network perimeter that sees patient-facing monitoring systems communicating with backend servers. Ever seeking to find new ways into networks, threat actors will attempt to traverse enterprise firewalls through remote monitoring systems. Healthcare providers must pay attention to this attack vector and seek to harden the security of communications, perhaps through network segmentation and the use of demilitarized zones.
Ransomware Not Going Away
Healthcare is an industry in which ransomware attacks have the potential to cause some of the most severe consequences. Ransomware is not just an IT annoyance or business productivity disruptor in healthcare—it’s literally life or death. One report highlighted the perils of ransomware in healthcare by finding that nearly a quarter of hospitals reported an increased death rate in the aftermath of a ransomware attack.
While the initial report is from a relatively small study, it’s clear that ransomware has the potential to negatively disrupt patient care. Even if just the IT systems go offline for a healthcare provider, harmonious communication between medical professionals becomes more challenging. Additionally, patient tests and procedures get delayed. In the worst-case scenarios, ransomware causes outages among the medical devices that keep some patients alive.
With several arrests taking down some of the most notorious ransomware operations recently, some premature analysis predicted a decline in these attacks. The problem is that for as long as ransomware remains profitable, new operations will gather momentum. In fact, a new gang named Black Cat has already started ransomware campaigns using sophisticated code. Ransomware is a guaranteed threat to healthcare cybersecurity in 2022.
Increased Federal Interventions
Healthcare data breaches reached a record high during 2021. The U.S. government has drastically stepped up the publication of federal guidance in recent months. In fact, a recent memo outlined a 2024 timeline for Federal organizations to implement a zero-trust security strategy.
As cyberattacks continue to hit the healthcare sector in 2022 and disrupt what is regarded as one of the 16 CISA critical infrastructure sectors, expect to see more federal interventions. These interventions will come in the form of increased cybersecurity guidance for healthcare organizations and perhaps more stringent data privacy/security legislative changes. Advisories and alerts outlining particular security threats to healthcare providers will also continue to be published during 2022.
Faster Medical Device Patching
One of the biggest challenges for healthcare cybersecurity in 2022 will be centered around properly securing medical devices through patch management. Threat actors increasingly focus on exploiting software vulnerabilities in medical devices as these devices become part of the connected IT ecosystem.
The problem is that device manufacturers face a disincentive in releasing patches because they assume liability in the event that a patch causes their device to malfunction. The FDA has tried to relax its guidelines by encouraging medical device manufacturers to
proactively update and patch devices in a safe and timely manner without the need for submitting a mandatory application to the FDA before any update. The hope is that these changes will accelerate the previously cumbersome patching times for medical devices.
Demands for Improved Incident Detection and Response
From an entire country’s public health system being compromised by ransomware to a data breach of over 1.4 million patients’ information at University Medical Center Southern Nevada, threat actors weren’t deterred from hitting the healthcare sector despite a severe ongoing pandemic. Countless stories of cyberattacks in healthcare demonstrated a clear lack of incident detection and response capabilities.
Over the course of 2022, hospital boards will demand improvements from their CISOs and CEOs in the accuracy of incident detection and reduced response times. With cybersecurity talent shortages not going away, healthcare organizations will need to turn to third-party expertise. Managed detection and response (MDR) capabilities will prove decisive in helping healthcare providers thwart attacks in the cloud, on the network, and on endpoints.
Nuspire’s managed detection and response helps healthcare organizations proactively identify vulnerabilities, respond faster and stay ahead of adversaries. Contact us today to learn more.