A devastating cyber attack recently occurred on the US payment service Change Healthcare, which is part of the UnitedHealth Group. Many healthcare organizations have been cut off from the platform they rely on for patient claims submission and payment.
While the outage does not appear to affect systems that provide direct, critical care to patients, it did expose a vulnerability that affects the entire U.S. healthcare system.
The cyberattack on Change Healthcare reveals the risk of devastating ripple effects and widespread vulnerabilities across the healthcare industry. This attack demonstrates the scope of the targets and the enormous financial impact - whether through ransom payments or systems recovery efforts - as well as the far-reaching consequences for overall patient care. The threat actors are not targeting individual healthcare providers, but are targeting their attacks at critical nodes where connections branch out to hundreds of organizations, allowing them to cause very high and serious damage with great efficiency.
Danger to health
From large insurance providers to individual patients, everyone is affected. The impact can, in some cases, be life-threatening for patients who cannot receive the medications they urgently need, and in other cases, it can lead to financial ruin for healthcare facilities with no cash and no incoming revenue. The attack is a clear example of the importance of supporting services to patient care and illustrates that the risk extends far beyond medical devices. Disruptions and disruptions to these services and the underlying structure that ensures the functioning of overall patient care can have far-reaching effects.
The report “The Anatomy of Cybersecurity: A Dissection of 2023's Attack Landscape” underscores the current threat landscape in healthcare: Global cyber attack attempts more than doubled last year and increased by 104 percent. On an average day, more than 55.000 physical and virtual assets are connected to corporate networks. What is astonishing is the fact that 40 percent of these assets are not monitored. This risk is compounded by the fact that 12 percent of healthcare still uses operating systems that are at end of life (EoL) or end of support (EoS). This means that attackers don't necessarily need a sophisticated plan to penetrate networks undetected and cause massive disruption to operations. All you have to do is find and exploit one of the many security vulnerabilities.
Effective defense measures
At its core, this attack is about the fundamental principles of cybersecurity, such as transparency and vulnerability management. Robust management of cyber risks is non-negotiable. Healthcare organizations need to expand their visibility across their entire device and service environment to conduct holistic risk assessments - particularly for systems that directly enable patient care, whether in a hospital, clinic or outpatient service. A comprehensive strategy will proactively mitigate all cyber risks, address vulnerabilities, eliminate threats and protect the entire attack surface. Every asset, from building management systems to network-connected medical devices, must be discovered, protected and managed.
More at Armis.com
About Armis
Armis offers the market-leading asset intelligence platform designed to address the new threat landscape created by connected devices. 40 Fortune 100 companies rely on our continuous, real-time protection for all managed and unmanaged assets across IT, cloud, IoT devices, medical devices (IoMT), operational technology (OT), industrial control systems (ICS), and 5G to be seen in full context.
Matching articles on the topic