Felipe Contin Sampaio 3:26 PM (0 minutes ago) to me

BR +55 11 3069 3925 | USA +1 469 620 7643

Why Have Attacks on Healthcare Organizations Increased?

by | Jan 25, 2022 | BLOG

A news article produced by the newspaper O Estado de São Paulo and replicated by the G1 website has pointed out that approximately 243 million Brazilians had their data exposed on the Internet due to failures by the Ministry of Health. These numbers include people who have already died. 

In practice, anyone registered with the Unified Health System (SUS) or a health plan had data such as individual taxpayer number, full name, address, and telephone number exposed.

In the previous week, 16 million people who had coronavirus had been victims of another leak caused by the same flaw: exposure of login and password that give access to the Ministry of Health’s system.

Also, a study performed by Apura Cybersecurity Intelligence has shown that there are 920,866 suspicious websites with the term “coronavirus”.

By reading this article, you will understand what has driven the recent increase in attacks against healthcare organizations. To facilitate your understanding, we have divided our text into topics that explain the reasons:

  1. More Workers Working Remotely 
  2. Low Investment in Cybersecurity
  3. Lack of Specific Cybersecurity Professionals
  4. Low Awareness 

Read it until the end!

low cybersecurity awareness.

Are you enjoying this post? Join our Newsletter!

Newsletter Blog EN

3 + 13 =

We will send newsletters and promotional emails. By entering my data, I agree to the Privacy Policy and the Terms of Use.

 

1. More Workers Working Remotely 

Again, we quote a story from G1: according to this report, there were twice as many cyberattacks against hospital and pharmaceutical organizations in 2020 than in the previous year.

That’s because this sector represented 3% of detected digital threats in 2019. In 2020, that number rose to 6.6%. But what has changed from one year to the next? 

In fact, with the Covid-19 pandemic, many professionals have had to adhere to remote work. As a result, they began to access corporate devices from less secure environments, making IT systems more vulnerable. 

 

2. Low Investment in Cybersecurity

Not all healthcare organizations invest as much as they should in cybersecurity. Often, companies do not even have a department dedicated to this area, ignoring fundamental items, such as:

  • Cybersecurity Policies;
  • Disaster Recovery Plan;
  • Controls for compliance with data protection laws and regulations such as HIPAA.

This lack of investment and old operating systems explain why cybercriminals were already finding loopholes to attack the healthcare industry even before the pandemic. 

To give you an idea, the healthcare industry is one of the main targets of ransomware attacks, along with industries, banking institutions, and government agencies.

 

3. Lack of Specific Cybersecurity Professionals

We know that having professionals specialized in cybersecurity is essential today. However, these experts are scarce in the job market. It is no wonder this sector has an unemployment rate of 0% and jobs that require knowledge in cybersecurity take an average of 79 days to be filled, surpassing other IT areas.

Data from 2020 indicate that, in order to have an adequate number of professionals with this knowledge in Brazil, we would have to get a 52% increase in the number of employees, from 331,770 to 636,650.

 

4. Low Awareness 

In addition to everything we have already shown in this article, there is a problem that affects not only the healthcare area, but countless others: low cybersecurity awareness. This means organizations also do not invest in training their employees to deal with cyber threats.

And nowadays, it is extremely important to make teams aware of the risks they assume when accessing IT systems, in addition to promoting training that makes it possible to detect and combat these threats.

These trainings must be performed periodically. That’s because technology constantly evolves, offering increasingly efficient resources to malicious users too. Thus, cybersecurity care must follow this evolution.

By reading this article, you understood the main reasons for the increase in cyberattacks against healthcare organizations. Did you like our content? Share it with someone who may also be interested in the topic.

 

ALSO READ IN SENHASEGURA’S BLOG

Top 5 Cyber Threats to Healthcare Organizations

Load Balancer: What is It and What is Its Importance?

Multifactor Authentication: How to BeLoad Balancer: What is It and What is Its Importance?nefit from This Security Strategy

How does senhasegura help protect your cloud environments?

Cloud solutions bring numerous facilities to companies, but also offer security risks. Want to know how to combat these threats? Read our article to the end! A 2020 survey by cybersecurity solutions provider Barracuda showed that 53% of companies have accelerated...

The main causes of data leaks

Data leaks occur whenever a user or organization has their sensitive information exposed, putting the security and privacy of companies and people at risk. Know more! The Data Breach Investigation Report 2022, conducted by the Ponemon Institute, provides an overview...

What is the SOC 2 report and why is it important for senhasegura?

SOC 2 provides a report after completing the audit. Recently, senhasegura conquered this milestone, providing details on the principles of confidentiality, processing integrity, availability, and information security. Want to know more about this subject? Read our...

What is a lateral movement attack and how does it occur?

A lateral movement attack occurs when the cybercriminal gains access to an initial target to move between devices within the network without their presence being noticed. In this article, we explain in detail what side threats are and how to avoid them. Want to know...

Why are government organizations favorite targets for cybercriminals?

The government segment was one of the most attacked by hackers in the last quarter of 2022. Learn more! In recent years, malicious actors have demonstrated a propensity to attack government organizations, including through ransomware, although governments are not...