Security News

Hospitals and healthcare providers under cyberattack

Deborah Salmi, 4 March 2016

Hospitals and healthcare providers are targeted by cybercriminals because patient records are valuable and security is low.

The recent ransomware attack on the Hollywood Presbyterian Medical Center in Los Angeles has spooked the healthcare community. Hackers installed *ransomware in the hospital computer system and held patient records hostage while demanding payment. The hospital eventually paid $17,000 to have their files unlocked.

Attacks on major insurance and healthcare systems last year including Excellus BlueCross BlueShield and Anthem Inc. resulted in 100 million individual records being stolen.

Electronic medical records are a treasure trove of data and fetch a price 20 times more than that a stolen credit card numbers. The cost for the U.S. healthcare industry is $6 billion dollars annually, with the average data breach costing a hospital $2.1 million.

According to a study by the Ponemon Institute, healthcare organizations average about one cyberattack per month with more than half of all organizations surveyed saying they experienced at least one cyberattack in the last 12 months.

Organizations major concerns are system failures (legacy software and devices are common), unsecured wearable biomedical technology that puts patients at risk, and something that other industries face – BYOD (bring your own device)  - as employees increasingly using their personal devices for work-related activities. One of the real threats is that hackers can compromise healthcare mobile apps and expose confidential medical records.

Avast booth at KIMSS16.jpgStop by to visit the Avast Virtual Mobile Platform booth at HIMMS16

This week, cybersecurity in healthcare is a major discussion point at the Healthcare Information and Management Systems Society 2016 Conference in Las Vegas. Avast Virtual Mobile Platform (VMP) will demonstrate how hospitals, insurance companies, and others can use Avast VMP to ensure secure, HIPAA-compliant access to mobile apps such as instant messaging, EHR, document storage and more. Avast will also demonstrate how VMP uses virtualization to instantly secure healthcare mobile apps.

Follow HIMSS16 on Twitter.

*Ransomware commonly enters a computer system when a user is tricked into clicking an infected link in an email or an infected ad on a website. The ransomware then locks all the files in the system and demands money for a key that will unlock the files.