The healthcare industry is among the primary targets for cybercriminals due to the handling of large amounts of confidential patient data and the central importance of its operations.
The sector has been rapidly adopting digital technologies such as electronic health records (EHR), telemedicine, and Internet of Things (IoT) devices, which provide great benefits but also more entry points for cybercrime. The interconnected nature of these systems means that a security breach in one part of the network can potentially compromise the entire healthcare infrastructure.
COVID-19, in turn, had a significant impact on the growth of cybersecurity breaches in the sector, primarily because the industry was forced to quickly adopt new technologies to enable remote medical care and telemedicine. This rapid implementation often occurred without sufficient cybersecurity measures, leaving healthcare organizations vulnerable to attacks.
In 2023, for the thirteenth consecutive year, the healthcare industry reported the most costly data breaches, with an average cost of $10.93 million, nearly double that of the financial industry, according to the World Economic Forum.
Globally, the sector experienced a 30% year-over-year increase in cybercrime, with 1 in 44 organizations suffering ransomware attacks in the second quarter of 2023. The healthcare sector is the second most affected by such attacks, with 1 in 27 organizations, representing a 16% year-over-year increase.
Specifically, cyberattacks on healthcare institutions in Latin America have been rising. According to Kaspersky’s Threat Landscape, the industry is among the most targeted with 5.28% of total attack attempts involving techniques such as phishing, ransomware, and denial-of-service attacks.
The greatest cyber risk the sector faces is not just data theft, kidnapping, or loss, but the alteration of system operations as the primary target. In hospitals, clinics, or healthcare institutions, this can have severe consequences for healthcare delivery.
In this regard, among the most notable cases there were two cyberattacks in 2022 on the website of the National Institute for Food and Drug Surveillance (Invima) in Colombia, which resulted in the unavailability of information and external applications to the institute.
It is worth noting that ransomware group activity in Latin America increased in 2023 with a tendency towards the healthcare sector among their preferred targets. Among the known cases is the cyberattack on public platforms in Costa Rica, which caused disruptions across the expanded network of hospitals and clinics. The Rhysida cybercrime group has quickly gained notoriety for its large-scale ransomware attacks. Targeting entities in Latin America and beyond, this group has affected 17 hospitals and 166 clinics, including the attack on PAMI (National Institute of Social Services for Retirees and Pensioners of Argentina), which disrupted vital services, affecting medical care and the processing of medications and treatments.
The Region Under the Spotlight
According to the “Cybersecurity in the Health Sector in Latin America and the Caribbean” report published by the Inter-American Development Bank (IDB) in 2020, countries in the region have a medium-low level of cybersecurity maturity, with an average score of 47 out of 100. The report highlights that the main challenges are: lack of awareness, training, and cybersecurity culture, shortage of specialized human resources, absence or insufficiency of regulations and standards, and vulnerability of infrastructure and computer systems.
Regarding the latter point, cyberattacks increasingly target healthcare for various reasons. On one hand, medical institutions often use a mix of new and old technologies, which can lead to unresolved vulnerabilities. On the other hand, the growing adoption of cloud-based solutions, the increase in connected devices and smartphones, and the adoption of 5G and IoT devices make healthcare systems more complex and susceptible to attacks.
Additionally, the sector is not exempt from how cybercriminals use Artificial Intelligence to bypass controls, automate, and accelerate their attacks with greater precision and reach.”
The Bet on Resilience
Ensuring cyber resilience is essential to maintain the continuity of medical operations and safeguard your reputation. The challenge lies in that, alongside their digital transformation, the healthcare sector must undertake a cybersecurity strategy that enables them to anticipate and prevent the risks of cyberattacks.
An essential part of developing a cybersecurity strategy is the identification and classification of sensitive information. Secondly, the paradigm that should prevail in the industry is the Zero Trust model and preventive approaches, such as multi-factor authentication, secure passwords, and data backups. Additionally, increasing cybersecurity awareness and training is necessary for both users and healthcare service providers.
On the other hand, updating and modernizing infrastructures and IT systems is necessary to ensure their availability, integrity, and confidentiality, as well as interoperability and compatibility with international standards. Finally, the incorporation of emerging technologies such as AI, blockchain, and cloud computing offers benefits to improve the quality, efficiency, and security of systems.
It’s worth noting that despite the adverse scenario, the focus on cybersecurity is still not prevailing in the healthcare industry, which logically prioritizes medical issues.
Given the importance, scale, and interconnection of the healthcare industry, it’s clear that no organization or government entity can tackle the issue of cybersecurity alone. A collaborative and systemic approach within the ecosystem is key: most healthcare organizations and hospitals worldwide lack the necessary IT infrastructure and professionals to establish an internal cybersecurity department, making it crucial to seek strong strategic partners capable of designing the most robust and effective digital security strategies to address the alarming outlook for the sector.
