BR +55 11 3069 3925 | USA +1 469 620 7643

Why Have Attacks on Healthcare Organizations Increased?

by | Jan 25, 2022 | BLOG

A news article produced by the newspaper O Estado de São Paulo and replicated by the G1 website has pointed out that approximately 243 million Brazilians had their data exposed on the Internet due to failures by the Ministry of Health. These numbers include people who have already died. 

In practice, anyone registered with the Unified Health System (SUS) or a health plan had data such as individual taxpayer number, full name, address, and telephone number exposed.

In the previous week, 16 million people who had coronavirus had been victims of another leak caused by the same flaw: exposure of login and password that give access to the Ministry of Health’s system.

Also, a study performed by Apura Cybersecurity Intelligence has shown that there are 920,866 suspicious websites with the term “coronavirus”.

By reading this article, you will understand what has driven the recent increase in attacks against healthcare organizations. To facilitate your understanding, we have divided our text into topics that explain the reasons:

  1. More Workers Working Remotely 
  2. Low Investment in Cybersecurity
  3. Lack of Specific Cybersecurity Professionals
  4. Low Awareness 

Read it until the end!

low cybersecurity awareness.

Are you enjoying this post? Join our Newsletter!

Newsletter Blog EN

6 + 3 =

We will send newsletters and promotional emails. By entering my data, I agree to the Privacy Policy and the Terms of Use.

 

1. More Workers Working Remotely 

Again, we quote a story from G1: according to this report, there were twice as many cyberattacks against hospital and pharmaceutical organizations in 2020 than in the previous year.

That’s because this sector represented 3% of detected digital threats in 2019. In 2020, that number rose to 6.6%. But what has changed from one year to the next? 

In fact, with the Covid-19 pandemic, many professionals have had to adhere to remote work. As a result, they began to access corporate devices from less secure environments, making IT systems more vulnerable. 

 

2. Low Investment in Cybersecurity

Not all healthcare organizations invest as much as they should in cybersecurity. Often, companies do not even have a department dedicated to this area, ignoring fundamental items, such as:

  • Cybersecurity Policies;
  • Disaster Recovery Plan;
  • Controls for compliance with data protection laws and regulations such as HIPAA.

This lack of investment and old operating systems explain why cybercriminals were already finding loopholes to attack the healthcare industry even before the pandemic. 

To give you an idea, the healthcare industry is one of the main targets of ransomware attacks, along with industries, banking institutions, and government agencies.

 

3. Lack of Specific Cybersecurity Professionals

We know that having professionals specialized in cybersecurity is essential today. However, these experts are scarce in the job market. It is no wonder this sector has an unemployment rate of 0% and jobs that require knowledge in cybersecurity take an average of 79 days to be filled, surpassing other IT areas.

Data from 2020 indicate that, in order to have an adequate number of professionals with this knowledge in Brazil, we would have to get a 52% increase in the number of employees, from 331,770 to 636,650.

 

4. Low Awareness 

In addition to everything we have already shown in this article, there is a problem that affects not only the healthcare area, but countless others: low cybersecurity awareness. This means organizations also do not invest in training their employees to deal with cyber threats.

And nowadays, it is extremely important to make teams aware of the risks they assume when accessing IT systems, in addition to promoting training that makes it possible to detect and combat these threats.

These trainings must be performed periodically. That’s because technology constantly evolves, offering increasingly efficient resources to malicious users too. Thus, cybersecurity care must follow this evolution.

By reading this article, you understood the main reasons for the increase in cyberattacks against healthcare organizations. Did you like our content? Share it with someone who may also be interested in the topic.

 

ALSO READ IN SENHASEGURA’S BLOG

Top 5 Cyber Threats to Healthcare Organizations

Load Balancer: What is It and What is Its Importance?

Multifactor Authentication: How to BeLoad Balancer: What is It and What is Its Importance?nefit from This Security Strategy

SaaS, PaaS and IaaS: Learn about theCloud Computing Options

Understand these solutions to choose the best alternative for your business. For many years, we have been using cloud computing to access files that are not stored on a computer, but on email servers, social network websites, or internet pages, without the need of...

What does a Chief Information Security Officer (CISO) do?

A Chief Information Security Officer (CISO) is a high-level professional responsible for the digital security of a company. If you aspire to obtain this position, read our text until the end. In it, we explain more about the profession. With the advancement of...

An overview of essential certifications for CISOs

In the world of cybersecurity, the role of a CISO is crucial in protecting data and sensitive information. To excel in this career, it is necessary to have certain certifications, including Certified Information Systems Security Professional (CISSP), Certified Ethical...

What is the role of a CISO during a cyber attack?

The CISO plays a crucial role in incident management during cyber attacks as they are responsible for implementing containment and eradication measures. However, it is also their role to detect and prevent threats. Learn more in this article about the responsibilities...

Security Training Best Practices for Privileged Users

It is essential to train privileged users to avoid cyber threats, as they are the primary victims of hackers. Read our article and learn how to do it. Privileged user credentials are among the main targets of cybercriminals since they allow them to access data and...