As artificial intelligence and quantum computing emerge, they hold the promise of increasing efficiency, enhancing patient experience, and improving health outcomes. They also provide new tools for hackers to exploit.
It’s no secret that the health care sector is vulnerable to cyberattacks. That vulnerability is increasing in tandem with the growing digitization of the industry. According to Software Advice’s 2024 Healthcare Data Security Survey, 87% of data held by today’s medical practices is digital.
Reliance on digital technologies is set to increase as new technologies such as artificial intelligence and quantum computing emerge. For medical practices and health systems, these technologies hold the promise of increasing efficiency, enhancing patient experience, and improving health outcomes. At the same time, cybercriminals are adapting their tactics to leverage these technologies to gain access to lucrative health care data.
Unfortunately, there is no shortage of cyber threats that can compromise patient safety and cause operational disruption. Today, AI and quantum computing are opening the door to new cyber risks.
As the threat landscape evolves, medical practices and health systems must understand these new threats and take steps to mitigate them.
AI-powered cyber threats
The rise of AI is introducing new cyber risks in health care.
The technology is helping cybercriminals hone and automate their attacks, enhancing the efficiency, sophistication, and scalability of these attacks.
Cybercriminals look to weaponize AI technology to execute sophisticated phishing attacks, deploy malware that evades detection, and compromise chatbots.
Phishing
Phishing is one of the top cybersecurity threats in health care and a leading cause of health care data breaches. Many phishing attacks use deceptive emails or texts to trick users into divulging sensitive information or clicking on a malicious link that infects a system with ransomware.
Cybercriminals use AI to make phishing attacks even more dangerous and hard to detect. The technology allows threat actors to automate and personalize phishing emails and texts, tailoring messages to look like legitimate communications. AI-generated phishing attacks don’t typically contain the usual red flags such as misspellings, grammar mistakes and awkward phrasing, making them harder to spot.
Malware
Malware is software designed to disrupt, damage, or gain unauthorized access to a computer system. Bad actors are using AI to develop code for malware that adapts to evade detection and automatically finds vulnerabilities that can be exploited. AI-operated malware can bypass security technologies, making it more challenging to detect and stop this threat.
Chatbots
AI chatbots, which are becoming increasingly common in health care, can be manipulated by hackers. Hackers can use an attack called prompt injection, which disguises malicious inputs as legitimate prompts to manipulate chatbots into leaking sensitive data or spreading misinformation.
Fending off AI-powered cyber threats
Medical practices and health systems can take the following steps to help guard against AI-powered cyberattacks:
Monitor and update security measures
Regularly monitoring and updating security measures can help healthcare organizations stay one step ahead of cybercriminals. Organizations should conduct routine security audits to identify potential vulnerabilities and suspicious activities. Organizations should also ensure that the mobile messaging technology they use features end-to-end encryption technology designed to protect data at rest and in transit. That means that even if an unauthorized individual gains access to messages, they are unable to read them. This provides maximum protection for healthcare communication, maintaining the security and privacy of confidential patient information.
Conduct third-party vendor assessments
Medical practices and physician offices should assess the security policies, practices, and track record of the technology vendors they use. This process can help ensure that vendors adhere to the highest security and compliance standards and that vendor security practices align with organizational requirements.
Keep up to date
A website launched by the HHS Health Sector Cybersecurity Coordination Center (HC3) can help physicians and their medical practices stay up to date on potential cyber threats. In 2023, HC3 issued a threat brief on AI, cybersecurity, and the health sector that can help healthcare organizations understand how AI is impacting cyber threats and how to defend against these threats.
Quantum computing threats
Quantum computers are the computers of tomorrow. Using the principles of quantum mechanics, quantum computers have tremendous compute power, which allows these devices to perform complex calculations at unimaginable speeds.
Consider that these computers may be able to break current encryption protocols that secure millions of devices and systems not in trillions of years but in seconds.
According to QuintessenceLabs, a conventional computer needs 300 trillion years to crack a common encryption protocol in use today. A 4,099-qubit quantum computer would need just 10 seconds to crack the same encryption.
According to experts, work on quantum computing could advance enough in the next five to 10 years to reach the point of making all digital information protected by current encryption protocols vulnerable to cyberattacks.
With quantum computing on the not-too-distant horizon, new encryption technology is being developed to secure data against quantum computing attacks.
Post-quantum cryptography (PQC), also known as quantum-proof cryptography, quantum-safe cryptography, or quantum-resistant cryptography, uses complex mathematics to protect data and systems from quantum computing attacks. These encryption systems are designed to secure data against attacks from both classical computers (the computers of today) and the quantum computers of tomorrow.
With the technology some years away, medical practices and health systems might think they don’t have to worry about quantum computing or securing data and systems against quantum computing attacks. The fact is, organizations need to be preparing for the era of quantum computing now.
That’s because cybercriminals are preparing now. Bad actors are already attacking organizations and stealing encrypted data in anticipation of using quantum computers to decrypt this data. In these attacks, known as harvest now, decrypt later (HNDL) attacks, cybercriminals are mining data from messaging apps, collaboration tools and other systems, putting sensitive health care data at risk of exposure and exploitation.
Fending off quantum computing attacks
To make their systems quantum-safe, health care organizations must take steps now to ensure the technology they use integrates PQC.
Health care organizations can protect their data and stay ahead of quantum threats with the right tools and strategies in place including:
Cyber threats are continually evolving, increasing in frequency and sophistication. To safeguard patient data and ensure compliance, healthcare organizations need to understand new threats including AI and quantum risks and take steps to mitigate these risks. The steps outlined above can help healthcare organizations safeguard patient data and ensure compliance.
Anurag Lal is CEO and president of NetSfere and a former director of the U.S. National Broadband Task Force under the Obama Administration.