The idea of someone hacking into a medical clinic's database to steal medical records is disturbing. The idea of someone purposefully causing an epileptic to have a seizure is appalling. The idea that someone would hack an individual's pacemaker and cause them to have a heart attack is sickening. What type of person would do any of the above? We'll tell you: a depraved cybercriminal looking to turn a profit at the expense of the ill and infirm.
Sadly, two of the above situations have actually occurred, and cybersecurity professionals say that it's only a matter of time before a cyber crook hacks pacemakers, making the third an eventual reality.
A healthcare breach can have a disastrous effect not just on your medical practice, but on the lives of your patients. Let's take a closer look at how a cyber breach can critically disrupt healthcare systems.
Stolen medical records results in a lifetime of stolen identities.
In 2015, the healthcare industry ranked number one in data breaches. Dark Reading reports that "major cyberattacks on healthcare grew 63 percent in 2016." Why cybercriminals are going after the healthcare industry? Unlike credit card numbers that can easily be canceled, a patient's medical records contain information (like birthdates, SSNs and insurance numbers) that cannot be cancelled or replaced. A SSN is for life; a cyber crook can continually sell a SSN number and turn a profit for years. The monetary value of a stolen medical record far exceeds the trouble of cracking a network.
Epileptic patients go into seizures because a webpage was hacked to display flashing colors.
If ransoms go unpaid, pacemakers can be short-circuited to cause heart attacks.
U.K. based researchers found that they could "transmit life-threatening signals to implanted medical devices with no prior knowledge of how the devices work," according to ComputerWorld. By reverse-engineering signals, the researchers learned that they could deplete the pace maker's battery life, steal the patient's private medical information and send the pacemaker into electrical shock, harming the patient. In mid-April the FDA warned the healthcare industry that there could be a wave of medical-device breaches.
In an interview with The Hill, vice president of IT risk management at Merck & Company, Terry Rice said that, "In just the last few years... we've seen more than a hundred million records of American citizens breached." If a patient is unable to pay ransom for their pacemaker, they could pay for it with their life.
No one is safe from the nefarious dealings of a cybercriminal. Protect your patients today when you sign up for a cyber insurance policy with CyberPolicy.