Healthcare is plainly a target of cyber criminal and offensive nation-state actors. Not a week goes by without at least one hospital or clinic somewhere being targeted by cyber extortionists or thieves. When COVID started to spread outside of China, university health systems, pharmaceutical companies, and biomedical labs were the target of state cyber actors, out to steal research and formulations into treatment programs, new drugs or vaccines.
Since the world partially shut down, hospitals and clinics have been the target of organized crime syndicates, plying their ransomware tools and other forms of extortion against overwhelmed and under-protected healthcare providers. This is as true for providers in Asia Pacific as it is in the Americas or Europe.
Healthcare was forced to pivot very quickly to remote services like telehealth and telemedicine for patient services, while non-clinical staff quickly found themselves working from home or on furlough, as hospitals scrambled to figure out how they were going to pay their bills, without the usual elective surgeries and other revenue-generating activities that forms the basis of a typical independent health provider's business model.
New technologies, in many cases rapidly implemented, without the usual security assessments and testing, exposed a highly distracted industry to risks. Risks that perpetrators quickly took advantage of and used to their advantage.
This is what we are beginning to describe as the 'Attackers Arbitrage'.
Read the Healthcare IT News article for more on this subject.
Watch the linked on-demand video of the subsequent panel discussion between Jonathan Bagnall, Cybersecurity Global Market Leader, with Philips Healthcare; Richard Staynings, Chief Security Strategist with Cylera; and Andrew Pearce, Senior Digital Health Strategist, Analytics, HIMSS