New Delhi: The recent global ransomware attack has once again proved that healthcare sector remains to be the most vulnerable to cybercrimes.
It is reported that the WannaCry ransomware attack which devastated the UK's National Health Service (NHS) over the weekend has infected 200,000 machines in 150 countries.
The virus, which took control of users' files and demanded payment to allow access, forced many Britain hospitals to cancel treatments, appointments, and even compel emergency rooms to turn people away.
The attack has not only put patients' lives at risk, but also highlighted the clear-cut and scary reality about IT infrastructure in healthcare sector.
The fact is that poorly protected encryption or outdated systems are deplorably prepared to deal with a new class of cybercriminals, thereby enabling access to patients' medical data, which is supposed to be confidential and intensely personal, and other crucial data such credit card numbers, patients' medical bills and other important informations apart from behemoth payouts. Healthcare data breach can be deadly, and there can be more risk than just money.
Despite warnings from security experts, healthcare breaches continue to occur, signalling a huge risk to delivery of care and patient data.
Experts believe one main reason why healthcare organisations are particularly at risk from cyber attacks may be due to lack of awareness about email authentication in the sector. Another reason could be more internet-connected medical devices flooding into the healthcare industry, where hackers can take advantage of historically lax security on embedded equipments.
The NHS cyber-attack should be treated as a wake-up call for organisations around the world, particularly, the health sector. It's high time that health services take protective measures, inlcuding updating the systems with the latest versions as well as imparting the right training and tools to workers to mitigate this vulnerability or overcome such attacks in the future.
Furthermore, the latest ransomware attack - believed to have come from a flaw in Microsoft's Windows software that the the US National Security Agency used to build a hacking tool for its own use – highlights the need for health services to introduce a comprehensive back-up plan and recovery processes in the event of a cyber-security breach.