INTELLIGENT BRANDS // Enterprise Security

The critical nature of healthcare makes it a prime target, where every second of downtime or breach can mean a delay in care, or even worse, a loss of life. Ransomware and phishing are the most prevalent threats. The former preying on the critical need for timely access to patient data.

Data exfiltration and extortion have overtaken encryption-based attacks as the primary ransomware tactics, simplifying operations and maximising payouts. The urgency of

Shayimamba Conco, Cyber Security Expert, Check Point Software Technologies

Figures issued in a separate Check Point Threat Intelligence Report over the last six months show that a South African healthcare organisation is attacked on average 1,626 times per week.

“ There was a time when cybercriminals held off from attacking the world’ s healthcare institutions for reasons of ethics, but no more,” says Shayimamba Conco, Cyber Security Expert at Check Point Software Technologies.

International espionage authorities such as the FBI and INTERPOL have warned for years that threat actors view hospitals and healthcare providers as prime extortion targets. healthcare services makes providers more likely to pay ransoms to restore access quickly, to potential data loss, operational downtime, and significant financial strain.

Compromised patient data however can lead to breaches of privacy and security, with long-term consequences for affected individuals. This can include identity theft and other forms of exploitation. Beyond the ransom itself, the costs associated with recovery, system upgrades, legal fees, and potential fines can be substantial.

“ Perhaps the greatest cost is reputational damage,” says Conco,“ Trust is critical in healthcare, and a successful ransomware attack can damage an organisation’ s reputation, eroding patient trust and potentially to a loss of business.”

South Africa’ s own healthcare sector stands at a critical juncture with its need for rapid digitisation to address escalating costs, boost efficiencies as well as prepare for the impending roll out of the proposed National Health Insurance, NHI scheme. Healthcare NGOs too have been stung by the recent withdrawal of US funding.

“ The healthcare industry is already a prime target for cyber-attacks, and the USAID withdrawal will further amplify the risks in this sector,” says Conco.

The vulnerability of the sector is illustrated by the cyberattack by The BlackSuit ransomware group on the National Health Laboratory Services in June last year, which disrupted lab result dissemination amid a Mpox outbreak. System sections, including backups, were deleted forcing manual result communication. Despite the attack, labs continued processing samples, but full system restoration took months afterwards.

“ It is common to see that many healthcare breaches also begin with phishing, unpatched systems, or misconfigured networks, not complex Zero-day exploits. Prevention is entirely possible, but not prioritised,” says Conco. p

60 INTELLIGENTCIO AFRICA www. intelligentcio. com