Boom in telehealth raises risk of cyber attacks

The boom in telehealth usage may have come about as a means to facilitate enhanced remote patient care during the global pandemic, but it also increased healthcare providers’ ‘digital footprints’, says global security ratings firm SecurityScorecard and dark web research company DarkOwl LLC – and this has made both providers and patients more vulnerable to vicious cyber attacks.

The popularity of telehealth skyrocketed as healthcare was adapted to pandemic conditions. At the height of the pandemic, the number of telehealth primary care visits increased 350-fold from pre-pandemic levels, data from the US Department of Health and Human Services showed. However, the number of targeted attacks have also increased; SecurityScorecard and DarkOwl reviewed the 148 most-used telehealth vendors* and found a 30-per-cent increase in cybersecurity findings per domain, including a 117-per-cent increase in IP reputation security alerts such as malware infections.

Cyber resilience key to protecting patient data

The dark web is seeing evidence of cyber criminals selling patient healthcare data, malware toolkits that specifically target telehealth technologies, and strains of ransomware that are uniquely configured to take down healthcare IT infrastructure, research conducted by DarkOwl revealed.

“While telehealth is an integral part of maintaining social distancing and providing patient care, it has also increased healthcare providers’ digital footprint and attack surface, which we see with the increase of findings per telehealth domain, and in factors like endpoint security,” said Sam Kassoumeh, COO and co-founder of SecurityScorecard. “It’s an indicator that healthcare organisations should continue to keep a focus on cyber resilience.”

Assistance providers need to be extra vigilant to protect their customers

Not so long ago, Babylon health reported a patient data breach, which it insists was a software error rather than a malicious attack. In this instance, the issue was cleared up immediately, and the affected patients contacted. An IT breach on a larger level, and caused by cyber-criminal activity, would spell serious trouble for assistance providers, who have a wealth of members currently using telehealth solutions.

SecurityScorecard and DarkOwl’s new report should come as a stark warning to those working in the patient care sphere. As technology drives healthcare to become increasingly cloud-based, the cyber risks become increasingly prominent, and extra vigilance should be taken when it comes to cyber threat protection.

*according to Becker’s Hospital Review.