7 reasons why healthcare and pharmaceuticals providers are so susceptible to ransomware and data loss in 2022 blog card

7 reasons why healthcare and pharmaceuticals providers are susceptible to ransomware and data loss

Healthcare and pharmaceuticals are two industries relentlessly targeted by cybercriminals. And to rub salt in the wound, cyberattacks on these industries are also the most expensive. IBM found that the average cost of attacks in healthcare totaled $7.13 million in 2020 and $9.23 million in 2021. But there’s a more sinister – and human – cost of cyberattacks on healthcare, and consequences of attacks like ransomware can often spell life-and-death.

But what makes these industries so appealing to hackers, attackers, and cybercriminals to begin with? In this blog, we explore 7 reasons why healthcare and pharmaceuticals providers are so prone to ransomware and data loss in 2022.

1 Healthcare and pharmaceuticals organizations store very sensitive data 

Protected health information (PHI), medical history and records, and a plethora of personally identifiable data (PII) are all stored within healthcare IT systems. This is well-known to cybercriminals, and so makes organizations within these industries a prime target for cybercriminals looking either to harvest data and credentials, access finances, or encrypt systems and demand a ransom. 

2 The healthcare and pharmaceuticals industries are rapidly digitizing

The use of electronic health records (EHRs) and electronic public health information (ePHI) has only accelerated due to COVID-19. In 2020 the UK National Health Service (NHS) estimated the cost of their updated digital transformation strategy to be £8.1bn alone. What’s more, 55% of patients would share their information digitally if this reduced costs. With this increase in data being held digitally, plus a plethora of medical devices now comprising the vast Internet of Things (IoT), providers must ensure their digital infrastructures are properly protected. If they don’t, then this data is ripe for the picking.

3 Widespread attack surface and inadequate training

68% of cyberattacks start with a phishing email, 1 in 8 US citizens work in healthcare, and since November 2020 there’s been a 45% increase in the number of attacks seen against healthcare organizations. What’s more, research has found that 1 in 7 workers falls for a phishing email. Ultimately, a combination of fear-mongering, inadequate security awareness training, lack of protocol adoption, and widespread attack surface mean healthcare is the most breached industry and second most phished

4 Not enough investment in the right areas for cyber resilience 

Investing in cyber resilience and putting the fundamentals in place is key for preventing ransomware and other cyberattacks. But it’s been reported that just 22% of IT managers have confidence that their healthcare organization is allotting adequate funds to secure its IT systems. Email security doesn’t need to be difficult, and protocols like DMARC exist to keep businesses, data, and people secure.

5 No one dedicated to protecting against breaches

While there’s been 94% growth in the number of cybersecurity job listings in healthcare since 2013, Poneman found that 28% of respondents said no one person has overall responsibility for their organization’s risk management approach or strategy. If there’s no one role accountable for protecting infrastructure and data, then this creates instability that attackers can take advantage of.

6 Large supply chains and significant third-party outsourcing

Third-party outsourcing increases the attack surface, as it can be hard for healthcare providers to ensure their supply chain is implementing the proper protocols for protection. With outsourcing set to increase in healthcare this year, this risk will only increase too. For example, suppliers that are poorly protected could be open to impersonation, meaning phishing emails, fake invoices, and data requests are more likely. 

7 Legacy systems, outdated processes, and lack of preparedness

“The NHS health and care services are dependent on people, processes and information technology (IT) systems, and some of these IT systems are outdated and inefficient.” While this refers to the UK’s National Health Service, the story is the same for healthcare providers globally, creating ripe opportunities for cybercriminals to take advantage. What’s more, 75% of healthcare facilities were found to be unprepared when it came to responding to cyberattacks, another area that needs rapid improvement to avoid potentially devastating consequences.

DMARC is the first line of defense against phishing and ransomware

While we’ve focused on healthcare and pharmaceuticals in this blog, ultimately the same can be said for any industry that holds large amounts of sensitive data and hasn’t implemented the basic measures to protect it. The most essential and fundamental of these measures is DMARC.

DMARC stands for Domain-based Message Authentication, Reporting, and Conformance. It’s an email security and authentication protocol that protects domains against exact impersonation. Essentially, it ringfences your domain and blocks hackers from being able to use it to impersonate your business and send phishing emails to your customers, employees, and supply chain.

Why not take the first steps towards better emails security by getting your free DMARC, SPF, and DKIM health check today?

Check email DMARC setup

PUBLISHED BY

Sabrina Evans

18 Feb. 2022

SHARE ARTICLE:

Categories

Recent Posts

VIEW ALL
News

Winter wins: Red Sift OnDMARC wraps up 2024 as a G2 DMARC…

Francesca Rünger-Field

The season of giving has brought us another reason to celebrate! Red Sift OnDMARC continues its winning streak in G2’s Winter 2025 report, earning Leader status in the DMARC category for another consecutive season. This recognition reflects our strong market presence and the unwavering satisfaction of our customers. Cheers to wrapping up 2024 on…

Read more
AI

Text classification in the age of LLMs

Phong Nguyen

As natural language processing (NLP) advances, text classification remains a foundational task with applications in spam detection, sentiment analysis, topic categorization, and more. Traditionally, this task depended on rule-based systems and classical machine learning algorithms. However, the emergence of deep learning, transformer architectures, and Large Language Models (LLMs) has transformed text classification, allowing for…

Read more
Security

How to drive cybersecurity as a top business priority

Jack Lilley

Everyone has a role to play in protecting the enterprise. Whether you’re shaping strategy or implementing solutions, aligning efforts to mitigate critical risks ensures a stronger, more resilient enterprise. If you missed Red Sift’s recent webinar on “From Data to Buy-In: Driving Cybersecurity as a Top Business Priority” we’ve got you covered. The session…

Read more
DMARC

BreakSPF: How to mitigate the attack

Red Sift

BreakSPF is a newly identified attack framework that exploits misconfigurations in the Sender Policy Framework (SPF) a widely used email authentication protocol. A common misconfiguration involves overly permissive IP ranges, where SPF records allow large blocks of IP addresses to send emails on behalf of a domain. These ranges often include shared infrastructures like…

Read more