We’re fortunate to live in an age when medical technology is hyper-advanced and continuing to innovate rapidly. Today, depending on where you live, you may expect to live to be up to 80 years or older; but just a hundred years ago, most people didn’t make it beyond the age of 50.
Obviously researchers, medical professionals, and most citizens in the developed world expect better and more sophisticated medical tools and practices. New technologies empower us to diagnose diseases more swiftly and accurately, prescribe medications and treatments with greater effectiveness, and perform surgery and other procedures with greater precision.
But one looming question about such technologies hasn’t been fully answered: How secure are they?
Targeting the medical industry
You might not picture the medical industry as a focus of cybercriminals, but it’s actually one of their biggest targets. In fact, more than 100 million medical records were compromised in 2015.
Just a year previous, in 2014, health care was barely on the radar among hackers. Now it has displaced other powerful industries, including manufacturing, financial services, government, and transportation.
Here are the most important reasons why:
System importance. If your personal computer is seized by ransomware, how vital is it for you to restore its functionality right away? You might miss your evening ritual or a few hours of work, but ultimately, you can survive a day or two if necessary to restore your computer to working order. Systems in hospitals can’t afford that luxury: Patients depend on medical systems to remain fully operational, and without interruption. When attacked by ransomware, hospitals have to restore their systems to full operating capacity as quickly as possible, which might require the payment of tens to hundreds of thousands.
Sheer number of systems. Employees in the medical industry end up logging into roughly twice as many systems as workers in other fields. This is partly due to the sheer number of apps available to medical professionals. That alone wouldn’t be a problem, but more logins and more systems mean more potential points of vulnerability to exploit.
Outdated systems. Hospitals also aren’t the best at keeping their systems upgraded. Many use older technology, which means they’re easier to exploit.
Data value. You might think the financial industry has the most lucrative data for cybercriminals; one successful hack could turn up many clients’ bank accounts and investment information. But hospitals collect and store a great deal of personal and private data that most other industries don’t. They’ll have your name, address, Social Security number, insurance provider, and any medications you’re taking.
Minimal protection. Despite being one of the biggest potential targets, the health-care industry has some of the worst security measures of any industry. When surveyed, only 31 per cent of health-care professionals said they “extensively” use encryption to secure data, while 5 per cent used no encryption and had no plans to adopt any standards. Compare that to the financial services market, where 58 per cent of professionals use encryption extensively to secure data.