Healthcare is the second largest attack on ransomware in the first half of 2024.
Analysts say hospitals should integrate their defenses into one platform, as data leaks in healthcare have doubled in three years.
“More than 200 new Internet-oriented and cloud-oriented services will be added to the healthcare sector every month.” Steven ScheurmannPalo Alto Networks' ASEAN vice president told Asian health care. “This increases the attacker's potential entry points.”
By reducing security risks and constantly monitoring their systems, healthcare organizations can improve their defenses before threats turn into crisis, he said in response to questions via email.
Although tracking leaked sites increased by 50%, healthcare data leaks doubled in three years, according to a report from Google's Threat Intelligence Team. It added that ransomware-oriented disruption threatens patients’ lives and the wider healthcare supply chain.
One example is the February 2024 Phobos ransomware attack targeting 25 Romanian hospitals and destroying more than 100 medical facilities. Similarly, a Hong Kong-based hospital fell into chaos after a cyberattack in April 2024.
Scheurmann said the industry is the second impact of ransomware in the first half of 2024. “The key reason for this is the rapid development of the industry’s attack surface.”
Patients may lose confidence in the hospital due to repeated data compromises.
“This can slow down technology adoption and innovation,” Scheurmann said. “Without stronger safety measures, hospitals are at risk of unstable mobility and ultimately harming the care of patients.”
Strong protection requires tested backup plans and employee training to build a safety-conscious culture. Lim YihaoGoogle Threat Intelligence Group's main threat intelligence consultant in Japan and Asia Pacific.
“Because employees are often the first line of defense against any cyber attack, it is important to threaten the awareness and understanding of the tactics that participants usually deploy,” he said in an emailed response.
Scheurmann notes that phishing and social engineering attacks remain one of the most effective ways for cybercriminals to enter hospital networks. “Business email compromise is one of the three most common surveys in healthcare in 2024.”
He said the attacks manipulate trust to trick employees into clicking malicious links, opening compromised attachments or revealing login credentials. “Even the most complex defense capabilities may not work without ongoing cybersecurity awareness training.”
A “zero trust framework” that assumes no user or device is inherently trustworthy can help reduce risk Seonji Leeconsulting assistant at Frost & Sullivan.
“These frameworks are becoming regulatory tasks in the United States and the EU, and in the long run, the potential applicability of the Asia-Pacific region,” she said in a Streamyard interview.
She noted that anomaly detection of artificial intelligence (AI) power has reduced ransomware response time. “Hospitals relying on cloud-based systems will need to rethink their defense around them.”
But, Lin warned that hospitals should also be cautious about AI-enabled cyberattacks, as they make threats faster, more scalable and difficult to detect.
For example, AI could be used to create advanced phishing emails that bypass traditional security filters and automate malware attacks at scale, he said.
“The cloud's misconfiguration and insecure application programming interfaces may become the main targets of cybercriminals,” Lin said. Attackers can change critical data such as allergies, prescriptions or test results. ”
Outdated software also presents major risks, especially with the rise of connected medical devices that can be leveraged for unauthorized access.
He added: “A breach will often allow threats to move sideways across the organization to launch further attacks or steal high-priced health care data.”
