Why Healthcare Gets Hit Hardest With Cyberattacks
Our health data is some of the most confidential information we have, and the systems that most healthcare companies use to protect it from cybercrooks are somewhat sickly.
Thanks to a toxic mix of aging hardware, outdated software and shoestring operating budgets, they're increasingly susceptible to cybercriminals who are not only lured by a gold mine of data but also armed with state-of-the-art hacking tools, experts told The Daily Upside, leading to some of the largest data breaches in history. And the risks extend far beyond lost data and eye-popping ransom payments.
'There's really a direct danger to patient care and life,' says Rob Hughes, chief information security officer at security firm RSA. 'That's as serious as you can get. It's a different type of pressure.'
READ ALSO: NBA Finals Kick Off With an Old (Footwear) Friend and Tariffs Deliver Record Drop in US Trade Deficit
Statistics back him up: Last year was a landmark for healthcare data breaches. According to HIPAA Journal, there were 14 attacks involving the records of 1 million or more patients in 2024, exposing the records of more than 237 million individuals altogether. The biggest healthcare breach in history occurred only two months into the year, when ransomware attackers stole the data of 190 million people from Change Healthcare in February.
'There are a lot of vulnerabilities that healthcare organizations don't even realize they have,' said Alpesh Shah, vice president of security strategic alliance at Myriad360. 'Every individual who is touching a smart device is vulnerable to bring some sort of threat to the organization.'
The technological advances that have revolutionized healthcare over the past 50 years have simultaneously ramped up cybersecurity risks exponentially. The amount of personal information collected at healthcare facilities is mountainous, with every machine collecting bits of data on patient health at a constant rate.
Many of the technologically complex devices used daily or even hourly are operating on outdated software, Hughes said, a combination that leaves medical centers riddled with vulnerabilities.
For instance? A big MRI machine that still makes a nice MRI image but runs 'an old version of Windows that can't accept patches anymore,' he said.
Exacerbating the problem are security measures that often involve a patchwork of systems inexpertly quilted together, said Gary Salman, CEO of Black Talon Security. Healthcare organizations often use security solutions from multiple vendors, which can lead to a lack of standardization or centralization, he said.
While this puts them in a 'feel-good position,' the mishmash of products may not always cover the ground that it should while creating both unnecessary complexity and a glut of data. 'How do you triangulate all of this, especially in medium- and large-size healthcare organizations?' he asked.
At a more strategic level, few shareholders and healthcare practitioners prioritize cybersecurity budgets, focusing instead on delivering patient care. Smaller regional and rural healthcare facilities are often living below the 'cybersecurity poverty line,' he said. 'Security is going to come second.'
Plus, talented cybersecurity professionals have become increasingly sought after and expensive. And because of healthcare's limited budgets for technology, it doesn't always get the best cybersecurity talent, said Shankar Somasundaram, founder and CEO of Asimily.
'Healthcare may not always be able to pay the same amount,' said Somasundaram. 'Strong talent would go to another vertical, where they're getting paid more.'
While formidable to healthcare executives, the tangled web of cybersecurity challenges merely sweetens the pot for hackers who, according to Salman, view healthcare data as a 'pot of gold.' The information is highly sensitive, incredibly personal and usually deeply detailed. Plus, organizations are collecting massive amounts at a constant rate, he said. 'Any size healthcare organization that has anywhere from thousands to millions of patient records – the risk is high,' Salman said.
Selling such data to brokers through underground channels is also far more lucrative than pushing other types of data, Somasundaram added. When hackers sell credit card information, 'they have to collect 50 credit cards to make a single dollar,' he said. 'They can sell a healthcare record for tens of dollars each.'
Because of the sensitivity of health data – and the fact that these records generally can't be wiped or changed the way a credit card or phone number can – healthcare organizations will often pay up when hit with ransomware attacks, said Salman.
'Imagine having a human being's complete demographic profile. That data could be sold to pharmaceutical companies,' said Shah. 'Thieves will go where the money is. And data is the new money.'
Data loss is only the beginning of the problem, added Hughes. Cyberattacks can completely shut down healthcare facilities, forcing patients to seek care elsewhere, he said. In extreme cases, cyberattacks on healthcare organizations have been linked to fatalities, such as the 2019 attack on a hospital in Alabama that led to the death of a newborn.
'There is a state of mind that hackers are moral,' said Itay Glick, director of product at security firm OPSWAT. 'We need to understand that not all the attack groups share the same ethical standards that we think they should.'
Despite the growing risks, healthcare organizations all too often simply react to attacks rather than working to prevent them, said Salman. Along with putting patients at risk, the strategy ends up costing organizations a far larger sum than they would have paid to establish adequate cyber defenses.
While change often happens slowly, there are a variety of steps healthcare organizations can take to make themselves less attractive targets.
Some are simpler, such as consistent security patching, strengthening credentials and providing cybersecurity education to staff, said Hughes. Vulnerability and penetration-testing can also help organizations identify their biggest pitfalls, said Glick.
Backup Plan: Backing up data, meanwhile, is vital for healthcare organizations, Glick added. Since a major part of ransomware attacks is 'winning your data back,' having a backup stored can allow an organization to quickly recover, he said.
The most important fix, however, is making cybersecurity a priority, especially among leadership and stakeholders. Change and awareness have to come from the top, said Somasundaram. Rather than viewing cybersecurity as an additional cost, corporate decision-makers should treat it as a vital necessity.
'In any industry which prides itself on patient outcomes and patient wellness and improvement, they see cybersecurity as a cost, not an outcome-based thing,' Somasundaram said. 'But if they could see the tie between cybersecurity and patient impact or lives, then I do believe they'd invest.'
This post first appeared on The Daily Upside. To receive delivering razor sharp analysis and perspective on all things finance, economics, and markets, subscribe to our free The Daily Upside newsletter.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
WebMD
an hour ago
- WebMD
More Thoughts on the Myth of the Perfect Patient
In my last post, I talked about the extreme efforts I took to be the healthiest, most perfect MS patient. I realized I had more to say on the subject. If the average person looked at my diet today, they'd still think I was pretty strict. I still cut out most inflammatory foods: gluten, dairy, excessive sugar, corn, oats, veggie oils, and highly processed foods. But some "bad" habits have definitely snuck back into my life. I drink coffee every day, have Diet Coke a few times a week, indulge in (gluten-free and vegan) sugary desserts, eat out often, sacrifice sleep for fun, no longer read food labels with a magnifying glass, blast music through my headphones, and occasionally grab fast food after a night out. And with these choices comes guilt. Constant, nagging guilt that I indulge so much despite having an inflammatory condition. You would think I'd have more self-restraint, given the implications, and yet I've entered a chapter in my life where that's just … not a priority. People are often surprised by my lifestyle. Those who knew me throughout my MS journey saw me transform from a lifestyle that was average, to extremely strict and healthy, to average again, and now possibly even slightly unhealthy. They're shocked that I've "regressed" so much, and I get questioned about it constantly. I'm always uncomfortable answering. What do I say? "Yes, I still have multiple sclerosis and it's a really scary disease, but I'm just kind of taking a break from being healthy"? Or when people who newly meet me realize I have MS, they often question how it's possible when we seemingly live the same lives. They applaud me for having so much energy and "handling it so well." But they don't see me take three-hour naps just to get through my day. They don't see the migraines, numbness, and spasms that creep up on me. They don't see the constant doctor appointments, blood tests, and MRIs. Why are they so shocked by my diagnosis? Why are people shocked that I stopped eating such a strict diet? Why do they make comments about it? Why do their comments make me feel even more guilty? Why are they allowed to drink a can of soda, but not me? Nothing is worse than when someone points out I'm doing something unhealthy and asks how it affects my MS. Even when they don't mention my MS directly, the implications of my chronic illness hang heavy in the air. Because the reality is they're projecting an image of a perfect patient onto me, and that simply does not exist. Even when I was at my healthiest, I wasn't perfect. Eating that healthy gave me extreme anxiety, and any misstep sent me into a spiral. But truly, you cannot win with a chronic illness. When you try to eat super healthy, you put immense pressure and stress on yourself. When you decide not to prioritize it, the guilt and shame eat at you. Not to mention that your body changes throughout each transformation, making the transition even more obvious and difficult. When people come to me for advice about managing MS through lifestyle changes, I feel like an imposter. Yes, for almost two years I was eating strictly healthy and following all the health trends. But now, I don't really think about them. I feel inauthentic talking to people about what they should do to be healthier because I don't currently follow those practices. Sometimes, I wish I could recapture that energy, passion, discipline, and motivation I had to be so healthy. But I'm not perfect, and I am certainly not the perfect patient. For now, I will enjoy my indulgences. I will remind myself that nothing in life is permanent and that life has many chapters. I will never be the perfect patient, because there is no perfect patient. It is not my fault I have MS, and there is no need to punish myself more for it. I'm sure my healthy habits will come back to me one day. For now, I will enjoy myself in ways I never even thought possible a few years ago. And I'll try to let go of the guilt that comes from not living up to an impossible standard. Maybe the healthiest thing I can do is accept myself exactly as I am today, and try my best to live in the present.
Bloomberg
an hour ago
- Bloomberg
RFK Jr.'s Moves Leave Insurance Coverage of Vaccines in Doubt
Public health experts are taking it upon themselves to counter recent moves by Health and Human Services Secretary Robert F. Kennedy Jr. that could dramatically change US vaccine policy. They have formed a shadow group of specialists who can give recommendations on who should receive which vaccines, and are urging insurers to continue paying for shots.
Forbes
an hour ago
- Forbes
The Best Insoles For Flat Feet, According To Podiatrists
Flat feet—more formally known as pes planus—can cause pain in the feet and ankles. In fact, the pain can even travel all the way up the lower back, depending on how you shift your weight or change your gait to compensate for the condition. The best insoles for flat feet not only properly compensate for the lack of arch but can also prevent overpronation and can relieve symptoms of plantar fasciitis. Insoles like our top pick, the PowerStep Pinnacle Low Insole, can make a world of difference for people with flat feet, one step at a time. Wearing insoles designed for flat feet can 'optimize foot function,' according to Dr. Emily Sharp of LR Podiatry, by 'helping the big toe joint work more effectively, improving load distribution, and reducing strain on surrounding structures.' And while, at a glance, insoles for flat feet might look all rather homogenous, based on our research and the extensive expert input we received, it is clear that this is not a one-size-fits all product category. Thus, we have broken the best insoles for flat feet down into a number of categories to help you more quickly and precisely determine which pair might be the best choice for you to seek relief from your own pes planus. Pros: Cons: The Pinnacle Low Insoles from PowerStep are likely the best insoles for flat feet for most people. Dr. Naim Shaheed of the Ankle & Foot Centers of America calls them 'great for everyday use and easy to fit into most shoes.' And indeed, they are easy to fit into your shoes, as these insoles are available in many sizes that correspond to shoe size. In particular, they were designed to match the user's foot with no trimming required. The insoles feature a firm bottom layer made of EVA foam and a softer upper layer that cradles the foot in comfort. A sturdy and deep heel cradle makes sure your foot is in proper position and is well-supported, while a semi-flexible shell underpinning the insoles allows for natural foot movement without giving up any support. Some verified buyers have reported the logo printed onto the insoles melts and stains their socks, but a defaced sock bottom might be worth the relief these insoles can afford. Pros: Cons: A pair of Dr. Scholl's Stability Support Insoles costs five times less than the priciest insoles for flat feet in this list, but they will get the job done just fine for many people. That job includes minimizing pain throughout the foot, legs, and into the lower back thanks to improved arch support and a minimizing of overpronation, which is is an excessive inward rolling of the foot during each step. A thick heel cup further reduces pain by reducing the impact of each step you take while using these insoles. That same thick heel section can be a problem for some people and for some types of shoes, however, since it noticeably elevates the foot. Some users have complained of issues caused by the thick heels while wearing flats, for example. Most people love this legacy brand's product, however, calling out in particular that they like how Dr. Scholl's includes a guide that shows just where to trim the insole to make it fit into your shoes. Pros: Cons: The Com Mumu Arch Support Insoles were designed with larger people in mind. They are rated safe for use by people weighing up to around 260 pounds. Along with the arch support these insoles provide—which helps to remedy the discomfort of flat feet—they also hold the foot in the proper position, greatly reducing overpronation. This is achieved both through a deep heel cup and hard PU layer on the bottom of the insoles. The arch, which rises at a 30-degree angle, is too high for some people; it can make shoes too tight or can simply be uncomfortable under the foot, so be ready to return these if you are one of those few. And if you do end up keeping these insoles, you'll appreciate their modest price. Pros: Cons: If you are a highly active individual (such as an athlete, a regular gym goer, a hiker or just someone who walks miles each day), then a pair of Superfeet All-Purpose Support High Arch Insoles can be a great source of relief. Shaheed says of these insoles: '[They] offer firm support and durability, and are especially good for active individuals.' These insoles come in many sizes and can be further trimmed, so you can create a perfect fit for your shoes, which can be of extra importance when thinking about athletic shoes that will be used in high energy scenarios. It's worth noting that many customers point out that these insoles can cause foot odor, the brand's claim of a top cover that 'helps reduce odors' notwithstanding—so watch out for that, especially if you are already prone to foot odor issues. Beyond that, these are firm and supportive insoles that will help keep your foot properly positioned and that create relief from pain associated with flat feet. Pros: Cons: The PowerStep Wide Fit Orthotics Insoles are suitable for people with truly wide feet, designed for foot widths from 3E all the way to 6E. And they come in sizes that can accommodate feet as small as size 3.5 (men's) all the way up to a size 16. The insoles provide the arch support people with flat feet can need and are also good at reducing the symptoms of plantar fasciitis, which is a painful inflammation of the plantar fascia tissue at the bottom of the foot. Some people find these sturdy insoles simply too hard for comfort—especially people with feet that are highly sensitive to pain—but most people with wide feet who use them appreciate the support and the relief from foot, ankle, leg and back pain caused by the way they were walking before they started wearing them. Pros: Cons: With a bit of work, a pair of Sole Performance Insoles might just be the most comfortable and supportive insoles you can own. That work involves heating the insoles in the oven, then quickly getting them into a pair of shoes (that are in good condition), lacing up and then standing as still as possible in a neutral position for a few minutes. By the time you're done with this process, you'll have a set of insoles that have been custom molded to support your feet. And the support doesn't stop at the custom fit. These insoles have a layer of cork (made from recycled wine corks) along the bottom that helps keep the foot well-positioned and also absorbs impacts with every step. An upper layer of softer foam helps to add comfort and cradles the foot in proper position. The gear team at Forbes Vetted consists of staff writers and editors who have dozens of years of combined experience researching and testing products—in particular, footwear like walking shoes for men, workout shoes for women, and the best shoes for planar fasciitis. We bring the same level of rigor to every product category we evaluate and cover. Because these insoles are intended to help ameliorate symptoms associated with a medical condition, we relied heavily on input from certified podiatrists for this story. Their input guided our thinking as we selected the insoles included. You know your own feet, so you know if they're wide, sensitive, prone to sweat or odor and so on. Keep the specifics of your feet in mind as you shop for insoles. 'In my experience, the best insoles for flat feet provide a few key features, including a firm arch support that helps to stabilize the foot and reduce strain,' says Shaheed. Arch support is critical for people with flat feet, but keep in mind that not every flat foot needs the same level of arch support, quite literally speaking—some insoles may have arches that are too low or too high for you. Deep heel cups properly support and position the foot, helping reduce the discomfort caused by flat feet and also helping prevent overpronation, when the foot rolls inward too much while walking. A good insole will make every step more comfortable, and part of the way it does that is by dampening the shock created by footfalls. 'Comfortable, shock-absorbing materials allow for all-day wear,' says Shaheed. Adding to that, Tulpule says, 'Materials like EVA foam can contribute to better shock absorption and all-day comfort.' Your insoles have to fit your feet properly, so make sure to chose insoles that come in a range of sizes or that can be trimmed to fit using scissors. Ideally, you will find insoles that are already a good fit and that can be trimmed slightly as needed for a perfect match to your feet and shoes. What Causes Flat Feet? Flat feet can be caused by several different things, including genetics, an injury or illness or they can occur over time as a result of aging. While some people are born with flat feet, others develop them later in life with another cause being the wearing of improperly fitting or poorly constructed shoes. Can Over-The-Counter Insoles Help With Flat Feet? Yes they can, provided you choose the best insoles for your feet, meaning ones that fit well, that can accommodate your weight and that are wide enough. If you find insoles don't help you, then you might need some form of intervention. 'For anyone dealing with chronic pain or recurring foot problems, I'd suggest seeing a podiatrist,' says Shaheed. Can Flat Feet Be Cured? In a manner of speaking, yes, flat feet can be treated and often 'cured' to some degree. This is usually done through physical therapy and specific exercises that can strengthen the foot arch. Orthotics like insoles can also help in reshaping the bottom of the foot over time. And in extreme cases, surgery is an option to restore proper foot shape and function.
