Cyberattacks on healthcare organizations are increasing as hackers find new security vulnerabilities and double down on tactics such as ransomware and phishing attempts, according to a Feb. 2 Wall Street Journal report.
Healthcare organizations have often neglected cybersecurity basics, such as using two-factor authentication, said Austin Berglas, global head of professional services at cybersecurity company BlueVoyant, according to the publication. Without viewing cybersecurity as a priority and allocating the necessary funding and resources, hackers will keep targeting hospitals.
Here are six vulnerability points hackers typically exploit hospitals with, according to the Journal:
1. Networks. Without secure access control, hackers can infiltrate the network at one point and then move freely once inside.
2. Internet of Things. Connected medical devices do not always have built-in security features.
3. Personal devices. The hospital network becomes more vulnerable to cyberattacks when clinicians connect personal devices.
4. Data storage. Ransomware attackers can do more damage when EHRs, payment and insurance information are stored in one place.
5. Records disposal. Improperly disposing sensitive information can lead to privacy breaches.
6. Remote work. Remote COVID-19 testing and vaccination sites as well as more nonclinical staff working from home increases security risk.