PA R T O N E
Is your practice cybersafe?
There’s no question that Australian businesses are under threat online. Worryingly, health providers are more vulnerable than most to cybersecurity breaches.
According to Accenture, security breaches have increased by 11% since 2018 and 67% since 2014. Late last year, the Government showed us how seriously it takes cybercrime by launching an official Australian Cyber Security Centre. The national cybersecurity campaign urges Australians to strengthen their cyber defences and be alert to online threats. Minister for Defence, Senator Linda Reynolds, launched the ACSC campaign in December 2020, saying: “Cybercriminals are relentless, operating around the clock and around the world, in a bid to steal the data and money from Australian businesses and families. “Australians are reporting more than one cybercrime every 10 minutes, making it more important than ever that we all remain alert to the threat of cybercrime.” Dr David Glance, Director of the UWA Centre for Software and Security Practice, says healthcare providers have been subject to increased attacks from cyber criminals. “However, heath providers are being especially targeted by ransomware attacks because these are designed to make a business inoperable by encrypting all of the information on computers in the practice until a ransom payment is made,” he explains. “Because practices have become increasingly reliant on electronic patient records, it is impossible to treat patients without access to those records.
10
EDITION 6 | 2021 Western Articulator
“Worse still, attackers have been not only encrypting information to make it inaccessible but have been stealing data and threatening to publish it if the ransom is not paid,” he adds. “This is especially concerning when the information is personal information belonging to patients.” Most valuable to hackers is information that, if released publicly, would cause harm to the business or to its customers or patients to a hacker. “The average cost of a data breach in healthcare is the highest of any industry, at over $7 million per breach,” says Adam Gordon, ANZ Country Manager at Varonis. “This is due to the highly sensitive nature of the data healthcare organisations collect, such as confidential patient records in the case of dentists and hospitals. “Attackers know healthcare providers hold large amounts of sensitive patient data, and that they also can’t do their jobs without access to this data. Attackers are using highly targeted campaigns where they steal data, encrypt it, and extort the victim organisation – pay up, or the attackers publish sensitive information,” Adam adds. “Ransomware is also offered as a service – meaning less experienced hackers buy a toolkit and launch an attack that, if not caught, could unleash ransomware across a victim organisation.”
