Healthcare organizations face a significant challenge: 89% of them have identified the top 1% of riskiest Internet of Medical Things (IoMT) devices with known exploited vulnerabilities (KEVs) on their networks. These vulnerabilities are linked to active ransomware campaigns and present a serious security risk. According to a report by Claroty, the issue demands immediate remediation by security teams to prevent potential cyberattacks.
The analysis conducted by Claroty covered over 2.25 million IoMT devices and 647,000 operational technology (OT) devices across 351 healthcare organizations. The findings highlight the pervasive security flaws in IoMT devices that pose a threat to the overall security of healthcare organizations.
CISOs, who are responsible for managing cybersecurity in healthcare delivery organizations (HDOs), face a myriad of challenges in maintaining patient safety and ensuring uninterrupted patient care. The report points out that CISOs are struggling with outdated legacy technologies that are vulnerable to cyberattacks because vendors no longer support them. Patching is further complicated by regulatory requirements imposed by the U.S. Food and Drug Administration (FDA), which adds to the mounting security risks faced by healthcare organizations.
The report reveals that 9% of IoMT devices have confirmed KEVs, affecting 99% of organizations. Particularly concerning is the fact that 8% of imaging systems, such as X-rays and CT scans, have KEVs linked to ransomware, impacting 85% of organizations. Additionally, 20% of hospital information systems (HIS) have KEVs associated with ransomware and insecure internet connectivity, affecting 58% of organizations.
Cybercrime syndicates, including Russian cybercrime groups, are actively targeting hospitals due to their vulnerability and the critical nature of their operations. Ransomware attacks have become increasingly sophisticated, with attackers using double-extortion tactics to force ransom payments from healthcare organizations. The report highlights the success of groups like Black Basta and BlackCat/ALPHV in orchestrating major breaches in the healthcare sector.
An alarming trend identified in the report is that 78% of organizations surveyed reported making ransomware payments of $500,000 or more, with 39% meeting demands ranging from $1 million to $5 million. These exorbitant payments underscore the financial burden imposed by cyberattacks on healthcare organizations.
The vulnerabilities in IoMT devices pose a significant risk to hospitals, particularly those using connected surgical devices. These vulnerabilities, if exploited in an attack, could severely impact patient care and wellbeing. The report stresses the importance of addressing these vulnerabilities proactively to safeguard patient safety and ensure operational continuity.
In response to these evolving threats, healthcare security leaders are advised to adopt an exposure-centric approach to prioritize critical vulnerabilities and align remediation efforts with industry guidelines. By taking proactive measures to enhance cybersecurity practices, healthcare organizations can mitigate the risks posed by cyber threats and protect the integrity of their operations.
In conclusion, the relentless targeting of healthcare organizations by cybercriminals underscores the urgent need for robust cybersecurity measures to safeguard patient data and ensure the uninterrupted delivery of care. Collaborative efforts between industry stakeholders, regulatory bodies, and security experts are essential to bolster the resilience of healthcare organizations against cyber threats.
