The healthcare industry consistently tops the list of high-risk targets when it comes to cyberattacks. In fact, many cybersecurity experts believe the healthcare industry is the biggest target for cybercriminals today. Hospitals, urgent care providers, pharmaceutical companies, and all other major healthcare organizations are considered prime targets for cybercriminals due to their wealth of patient information.

Medical records draw a far higher price than credit cards on the dark web. These records – usually containing an individual’s name, birthdate, SSN, and medical information – can sell for as much as $60 per record, whereas social security numbers are a mere $15. In addition, the number of medical devices susceptible to attack is increasing and will continue to increase as the implementation of the 5G network strengthens and enhances our internet connectivity. An attack on a medical device, such as a pacemaker, threatens patient safety but also provides potential access to the larger network. Cybercriminals can leverage the threat to patient safety as a way to justify higher demands in ransomware attacks.

COMMON TYPES OF CYBER ATTACKS IN THE HEALTHCARE SECTOR:
  • Ransomware Attack
  • Medical Device Attacks – IoT Attacks
  • Trojan Malware
  • Denial of Service Attack
  • Mobile Device Exploit
TOP CYBER RISKS FOR THE HEALTHCARE SECTOR:
  • Patient Safety
  • Bodily Injury/Property Damage
  • Theft of Personal Healthcare Information
  • Business Interruption Loss
  • Reputational Harm
  • Financial Risk – Civil Liability
  • Regulatory Risk
  • Contingent Business Interruption Loss due to a Third-Party Vendor Disruption

DOWNLOADABLE RESOURCES

Cyber Attacks in Healthcare (PDF)

The estimated losses in 2019 for the healthcare industry are $25 billion.

Healthcare had the highest data breach costs at $429 per record.

The industry with the highest number of attacks by ransomware is the healthcare industry.

 

BOTTOM LINE:

Healthcare companies face significant reputational, financial, and regulatory exposures due to cyber incidents. Medical device security, supply chain risk, and overall patient safety are top priorities for healthcare organizations today. 

EPIC’s team of dedicated healthcare and cybersecurity experts will help you develop a unique comprehensive risk strategy that addresses these evolving threats. 

Our Leaders

Kelly Geary Headshot
Kelly S. Geary

Managing Principal, National Cyber Practice Leader