Episode 189 - Medical Cybercrime with Dave Vosnakes and Stephanie Way
Medical cybercrime refers to criminal activities involving cyber-attacks on healthcare systems, devices and data. These attacks can range from ransomware and data breaches to the exploitation of vulnerabilities in medical devices, posing serious threats to patient safety, data privacy and the stability of healthcare operations.
According to the Office of the Australian Information Commissioner (OAIC), in 2023 the healthcare industry topped the list of sectors reporting cyber-attacks. Healthcare was the most reported non-government sector for cybercrime incidents in FY2023–24, ahead of financial services, education and other critical infrastructure industries, which underlines its exposure. Ransomware attacks targeting the Australian health sector are also growing.
Highlighting this point, 41% of healthcare organisations in Australia experienced a cyber-attack in 2023, a significant rise in the targeting of this critical sector; globally, cyber-attacks on healthcare organisations rose 71% year on year.
32% of healthcare cyber incidents involved compromised accounts or credentials; malware infections (17%) and compromised network infrastructure (12%) were the next most common. That credential compromise leads the list matters for defenders: it is the entry point that phishing-resistant multi-factor authentication and prompt removal of stale accounts address most directly.
Patients are also concerned. In one survey, 82% of Australians indicated they were worried about unauthorised access to personal health records and consider health information security when choosing healthcare providers. 33% said they were “very to extremely worried” about the security of their health information.
In October 2022, Medibank, the Australian health insurer, was the victim of a major data breach affecting the personal details of 9.7 million customers. The attacker did not encrypt Medibank's systems but exfiltrated the data and threatened to publish it, later doing so in stages; the attack was believed to be linked to a well-known Russia-based ransomware group, the REvil gang. A 10 million dollar ransom demand was not paid.
Hospital operators have been hit as well. A 2021 cyberattack on Eastern Health, which runs four Melbourne hospitals, forced certain elective surgeries to be postponed at the time, and another notable incident was the 2019 ransomware attack on Melbourne Heart Group.
Reinforcing these concerns, tech giant Microsoft has also stated that the healthcare sector (and aligned industries) is one of the top targets for cyber criminals.
Types of Medical Cybercrime include:
Ransomware Attacks:
These attacks encrypt a healthcare organisation's data and demand a ransom for its release. Increasingly the data is also exfiltrated beforehand and held for a second extortion payment, so restoring from backup alone does not end the incident. Either way, critical services are disrupted and patient care delayed.
Data Breaches:
Cybercriminals steal sensitive patient information, including medical records, financial data and personal details, for identity fraud, extortion or resale.
Medical Device Exploitation:
Vulnerabilities in connected medical devices, such as pacemakers or insulin pumps, can be exploited to compromise patient safety or disrupt treatment, or to use the device as a foothold into the wider clinical network.
Supply Chain Attacks:
Cybercriminals target the healthcare organisation's supply chain, compromising vendors, managed service providers or software suppliers to gain access to the primary target.
Phishing Attacks:
These attacks trick individuals into revealing credentials or other sensitive information, or into installing malware, usually through deceptive emails or websites.
Social Engineering:
Attackers use psychological manipulation, for example impersonating IT support or a clinician to obtain a password reset, to gain access to systems or information without exploiting any technical flaw.
The impact of medical cybercrime on patient safety, data privacy, financial losses, operational disruptions and erosion of trust cannot be overstated.
To explore and discuss this topic in more detail, we are joined on this podcast by Dave Vosnakes and Stephanie Way from the Australian Government's National Office of Cyber Security, who provide an expert overview of this growing problem. Please welcome them to the podcast.