Australian Healthcare Sector, the Favorite Target of Cyber Attacks
Australian statistics has revealed that 63 data breaches have been reported in the first two months of the year, which is something that needs to be addressed. Out of the 63 incidents, about a quarter of them were from the healthcare sector. The latest data breach of patient records was from Family Planning NSW, with an estimated 8,000 records breached. Enough information was lost, including birthdate, contact details and the full names of the patients.
The healthcare industry is in the cross hairs of the cybercriminals as their cyberdefense spending is very low. They are also very easy to penetrate, and they hold a lot of personally identifiable information, information is money for cybercriminals.
Australians value public healthcare, as their own government created programs targeting the most vulnerable sector of the Australian society when it comes to healthcare issues. The risk of a data breach is there, but the climate where the healthcare industry is operating is not yet ready for massive cyber defense spending, the primary way to lessen the chance of getting hacked in the future.
At this point, the Australian public healthcare project dubbed: “My Health Record” holds 5.58 million patient records. Such big data is very critical to store without a form of cyber defense to keep it immune from cyber attacks. The healthcare sector is highly dependent on technology, databases and network devices. An oasis creating smooth day-to-day operations for hospitals and clinics, especially an accessible patient record accessible by doctors when they need it.
The attack vector further widens in the healthcare industry with the proliferation of BYOD devices and IoT devices. Something that doctors and nurses are unaware of, such small devices can open loopholes to the hospital’s IT infrastructure, especially for many public hospitals that are still using outdated Windows versions like Windows XP, which was officially discontinued since 2014.
Like the rest of the business sector, the healthcare industry needs to look at new ways to prevent data breaches. This can only be done by having a good understanding of how to plan for a worthwhile, cost-effective strategy of data security. Many companies right now are dealing with the risks by hiring white hat hacker groups to perform penetration testing.
Penetration testing is a process of deliberately hiring a 3rd party to attempt a cyber attack, create unauthorized network infiltration scenarios in a controlled way. This is to test the current IT infrastructure if it can defend itself in a real cyber attack episode. Spending for a Pen Test is never a cheap option, but it is a great option available for all businesses, not just the vulnerable healthcare industry.
Companies need to have a change of heart, and better provide enough funding, yearly funding for cyber defense spending. It is wiser to spend a few million dollars today instead of becoming a victim of cybercrime that may cause the entire business to cease operating due to the loss of the customer’s trust. Any business establishment depends on the trust of its customers for its survival, that is the real deal.
Kevin Jones720 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.