Dangers of a “connected” health system: predictions for 2022

For the second year in a row, Kaspersky is making predictions for the health sector amid the global COVID-19 pandemic. Unfortunately, the virus still dominates most aspects of our lives, and of course, the pandemic is still the biggest topic in medicine, which is also the most discussed.

Part of ours last year’s forecasts was based on the assumption that the pandemic would continue for at least a few months in 2021, and since this assumption proved correct, so are many of our predictions.

As we predicted, there has been a significant increase in the number and extent of medical data leaks. Company report Constella Intelligence for 2021, it showed that the number of leaks of personal data in health care has doubled compared to 2019. Several factors contributed to this. First, the digitalization of the health care system has increased significantly in the last few years, and so, because there was more data, the extent of leakage of such data has also increased. Second, cybercriminals have already begun to pay more attention to this industry, for which they certainly did not lose interest in 2021. As we predicted, they continued to use medical topics as bait and, as a result, their victims were often medical professionals.

The start of the mass vaccination campaign has also led to a number of scams. After the first vaccines appeared, the online vaccine trade began on the Internet – and especially on dark web forums – and no one could verify their authenticity. However, these fraudsters found buyers who wanted to get the vaccine as soon as possible. Later, there were offers for fake vaccination certificates and various QR codes bought by users who wanted to avoid the restrictions placed on the unvaccinated.

Our prediction that hacker attacks on vaccine manufacturers will increase did not come true. The main cases of these attacks occurred at the end of 2020. Most vaccines appeared on the market soon after that and, apparently, it seemed that it was no longer necessary or profitable to interfere in the process of their development or steal confidential information.

Ransomver groups continued to attack medical organizations. It was published in September new research which indicates that this type of attack has led to an increase in patient mortality, as well as delays in test results and delays in providing treatment and discharging patients from hospitals. Moreover, story about the death caused, not in a statistical sense but directly, the ransomver attack on the medical facility attracted media attention during the fall. As a result of the ransomware attack, one child died in an American hospital because doctors could not provide him with adequate treatment due to frozen computers. Unfortunately, despite the great efforts of medical institutions and information security companies, the healthcare industry remains insufficiently protected and vulnerable to attacks of this kind.

Predictions for 2022

  • Telemedicine will continue to evolve. This means that more applications will appear for consulting doctors and monitoring the health of patients, and cybercriminals will have the opportunity to discover security holes in a whole range of new applications created by developers who have never made this type of product before. Moreover, malicious counterfeit telehealth apps are more likely to appear in app stores: fake apps that mimic real ones and promise the same functionality.
  • The demand for fake digital medical documents will increase, as will the supply. The more privileges are given to those with a COVID passport, the more people will be interested in buying it, instead of getting vaccinated or tested.
  • The sensitivity of medical data found during leaks will increase. The data contained in the medical documentation are in themselves very sensitive. However, the possibilities for digitalization of medical equipment are growing, and providers will increasingly use wearable devices or even sensors built into the human body to collect even more sensitive data that is not necessarily medical in nature. These devices can, for example, provide details of a person’s movements.
  • Medicine will always be a popular topic for use as bait in cybercrime scams. Since the beginning of the pandemic, an increasing number of medical services have been partially or completely relocated online, so patients are now awaiting notifications of test results and messages from doctors. Therefore, a message that falsely presents itself as an important “medical” notification can catch victims unprepared as well as false messages from banks.
  • The growing number of data leaks and ransomware attacks on medical organizations clearly shows, among other things, the lack of awareness about information security among health professionals. If there is no comprehensive training process in 2022 – and this is not expected at the moment – we will witness a steady increase in the type of attacks in question.

Source: Personal magazin by www.personalmag.rs.

*The article has been translated based on the content of Personal magazin by www.personalmag.rs. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!