The HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Global Healthcare Cyberattacks Increased by 74% in 2022

The latest data released by the cybersecurity firm Check Point has confirmed that 2022 was a particularly bad year for cyberattacks, which increased globally by 38% year-over-year, fuelled by a sizeable increase in attacks on healthcare organizations. Globally, the healthcare industry had the highest percentage increase in weekly cyberattacks of any industry sector, with an increase of 74% from 2021 to an average of 1,463 attacks per week.

With that increase, healthcare rose to become the third most attacked industry globally behind the government/military with 1,661 attacks a week (+46%) and education/research with 2,314 attacks a week (+43%). In the United States, healthcare ranked second with 1,410 attacks per week, which is an 86% increase from 2021. Across all industry sectors, cyberattacks in the United States increased by 57% year-over-year.

The healthcare industry is an attractive target for cybercriminals due to the volume of easily monetizable data that can be stolen, and the higher-than-average probability of extortion demands being met to prevent the release of stolen data. The Check Point Research team also points out that as an added advantage, ransomware gangs gain a lot of publicity from attacks on hospitals, with the attention increasing their notoriety.

There were notable changes in the threat landscape in 2022, especially concerning ransomware attacks. While in previous years large ransomware groups dominated the threat landscape, in 2022 these larger groups evolved into much smaller, more agile cybercriminal groups that are better able to evade law enforcement. Check Point also notes a diversification in cyberattacks on businesses that now exploit a much wider range of business collaboration tools, including Slack, Microsoft Teams, Google Drive, and OneDrive, all of which are rich sources of valuable data that can be obtained through phishing attacks.

One of the biggest concerns raised by the researchers and other security professionals is the potential for the AI-driven natural language processing tool, ChatGPT, to be used for creating new malware, ransomware, and phishing attacks. Researchers have already demonstrated that the tool can be used to create convincing phishing emails, making attacks even easier to conduct for non-native English speakers, and the potential for misuse in social engineering is considerable. While there are safeguards in place to prevent the tool from being used to create new malware, they are far from effective. One security researcher used the tool to generate ransomware code that was almost perfect, likening the safeguards to preventing a 3-D printer from being used to print a functioning gun, yet allowing all of the constituent parts to be created separately. There is no doubt that this tool will be of appeal to cybercriminals and will be misused.

Tracking specific types of cyberattacks in healthcare can be a challenge, as there is no standardized reporting. HIPAA requires data breaches to be reported, but the HHS only tracks cyberattack-related data breaches as hacking/IT incidents. Further, many breached entities choose not to disclose the exact nature of attacks, such as whether ransomware was involved. Data collected by Emsisoft suggests ransomware attacks have leveled off, but the cybersecurity firm only analyzed data breaches at hospitals, not the broader healthcare ecosystem, which includes healthcare industry vendors that were heavily targeted in 2022.

While the data from Check Point Research indicates an increase in healthcare cyberattacks in the United States, these attacks do not always result in data breaches. The HHS’ Office for Civil Rights breach portal currently indicates a slight reduction in reported data breaches, although data for 2022 is still being added to the breach portal. HIPAA Journal will publish its end-of-year healthcare data breach report next week when there is a clearer picture of the year’s totals but, as it stands on January 10, 2023, 701 data breaches of 500 or more records have been reported to the HHS in 2022, 13 short of the record-breaking total of 714 data breaches in 2021.

While it appears that healthcare data breaches have declined slightly, it is worth noting the increase in the number of breached healthcare records in 2022. Across the 701 data breaches, the records of 51,884,675 individuals have been breached, which is more than any year other than 2015, which included the 78.8 million-record breach at Anthem Inc. That 13.1% increase in breached records is concerning.

2022 also saw two major milestones reached. In 2009, the HHS started publishing a summary of reported healthcare data breaches of 500 or more records. In 2022, the number of reported data breaches surpassed 5,000. The second unwelcome milestone is that more healthcare records have now been breached than the entire population of the United States. Since the HITECH Act required OCR to start publishing healthcare data breaches in 2009, more than 382 million healthcare records have been reported as having been exposed or impermissibly disclosed.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com
