This past year was another challenging one for healthcare organizations as they remained under sustained attack by cybercriminals who continue to target healthcare networks through the use of well-known vulnerabilities. 

A new study predicts that 2018 won't be any easier, especially as attackers increasingly set their sights on smaller providers and the myriad connected Internet of Things devices across healthcare.

In 2017, there were a total of 140 hacking-related data breaches reported to the Department of Health and Human Services' Office of Civil Rights – a 24 percent increase over the 113 such events reported in 2016, according to the "2017 Health Care Cyber Research Report," from cybersecurity vendor Cryptonite.

The number of reported hacking events attributed to ransomware by healthcare organizations jumped by 89 percent from 2016 to 2017, the study shows. This was an increase from 19 reported events in 2016 to a total of 36 events in 2017.

[Also: Hospitals, don't wait to address these little-known IoT security issues]

In 2017, ransomware events represented 25 percent of all events reported to HHS/OCR and attributed to IT/hacking.

All six of the largest hacking-related healthcare events reported in 2017 were attributed to ransomware, the study found.

Somewhat encouragingly, this past year, just 3,442,748 records were reported to be compromised, a big decrease from 13,425,263 reported compromised in 2016.

But in years past, cybercriminals devoted significant time and effort to targeting the largest healthcare organizations. For example, 2015 breach events included Anthem (78.8 million records) and Premera Blue Cross (11 million records), and 2016 events included Banner Health (3.6 million records) and Newkirk Products (3.4 million records).

Now this low-hanging fruit has to some extent been harvested, and attackers are increasingly turning their attention to a broader mix of healthcare entities, the report said.

"The emergence and refinement of advanced ransomware tools lowers both the cost and the time for cyberattackers to target smaller healthcare institutions – now they can cost effectively reach physician practices, surgical centers, diagnostic laboratories, MRI/CT scan centers, and many other smaller yet critical healthcare institutions," according to Cryptonite. "This is the beginning of a trend that will increase very substantially in 2018 and 2019."

Internet of Things devices in healthcare also represent new and expanding opportunities for cyberattackers. IoT devices now are now nearly ubiquitous in healthcare – already widely deployed  in intensive care facilities, operating rooms and patient care networks, said Michael Simon, president and CEO of Cryptonite.

"Cyberattackers target healthcare networks for two primary reasons – to steal the medical records they contain or to extort ransom payments," said Simon. "Medical records are the targets of choice, as this data is highly prized to support identity theft and financial fraud. While 2017 was the year of ransomware, we are anticipating this already hard-hit sector will feel the wrath of cybercriminals targeting the hundreds of thousands of IoT devices already deployed in healthcare."

Twitter: @SiwickiHealthIT
Email the writer: bill.siwicki@himssmedia.com