During the pandemic process, cyber attackers as the whole world have turned their eyes towards the health sector. It is pointed out that the security vulnerabilities in the sector, where a data breach is encountered the most, bring along the risk of death with a 12% increase, compared to last year.
The health sector is one of the leading areas where the technology is used the most and operations are digitized the most. The sector in which digital transformation has picked up more speed with the Coronavirus pandemic has been at the center of the past year’s cyber attacks. According to the data shared by IBM, the cyber attacks against healthcare facilities, hospitals, pharmaceutical manufacturers, and other medical companies that provide service especially within the coronavirus research and treatment doubled up in 2020. These attacks have caused about 7,13 million-dollar loss per case with a 10% increase, compared to last year. The sector ranked first place among all sectors with a 12% increase in data breach rate, compared to 2019 as well.
The local cybersecurity company Berqnet Firewall General Manager Hakan Hintoglu has made evaluations in the matter and said “Medical product contents such as drug, vaccine and patient information are extremely attractive targets for cyber attacks. For this reason, it is necessary to evaluate cyber security in terms of patient safety and institutional risk at strategic priority. Steadily backing up the critical data and periodically putting all electronic systems to vulnerability scan are among the major precautions, needed to be taken.”
The share reserved by the health sector in the BT budget is 7%
Hakan Hintoglu has also mentioned the reasons why the health sector is targeted and explained “Firstly, high-value excessive information must be contained in terms of financial and intelligence. Financial information such as credit card and bank account numbers, personal information such as identity numbers, medical research, and intellectual property information about innovations alongside the patients’ health information can be included in the target of cyber attack. Another reason is the substantial damage that can inflict a health facility due to a cyber attack and accordingly the increase in the ransom demand. In the health facilities’ becoming the target of cyber attacks, another reason which rivets the above motivations is that this sector still has serious cybersecurity vulnerabilities. Thus, recent researches show that the health sector falls behind the other sectors as to cybersecurity precautions, and only 7% of the budget, allocated for information technologies, is used for cybersecurity.”
Cybersecurity is now also related to life safety
Hakan Hintoglu has remarked that cybersecurity vulnerability brings along the risk of death as well and said “At the University Hospital of Düsseldorf of Germany in September 2020, a cyber attack caused a loss of life. The data that was found in the 10 servers of the hospital network was encoded and ransom was demanded. Within this period where the data could not be accessed and systems were not working correctly, a patient who came to the hospital was compulsorily referred to another hospital and passed away due to loss of time. This unfortunate example proves the relation between cybersecurity and life safety in our rapidly digitized world.”
Every company that processes sensitive data must take measures
Hintoglu has shared the points within data security to be taken into consideration by all experts and institutions in the fields of health such as pharmacies, doctors, dentists, dieticians, hospitals, clinics, rehabilitation centers, optical centers, and spa centers that process sensitive data and stated “First of all, it is very important to expand the awareness of employees and increase the cybersecurity literacy. Data access permissions must be carefully determined and constantly controlled. Firewall and antivirus products must be certainly used. Operating systems and current security software must be kept up-to-date and unlicensed, pirated, or “crack” software must be avoided. At this point, we as Berqnet support all sensitive data processing institutions. With the firewall devices that we have developed, we enable institutions to provide integrated data security. The use of a firewall is quite critical about the provision of data security at a crucial technical measure position for, especially TDPA (Turkish Personal Data Protection Authority). In a word, we can say that the gateway of TDPA is cybersecurity.”