McLaren lessons: Beefing up healthcare cybersecurity

Medical staff are seen at a university hospital in Gwangju – Copyright AFP –

The recent cyberattack on McLaren Health Care serves as an example of how healthcare organizations are becoming increasingly vulnerable to cyber threats.

In addition, McLaren’s incident underscores the critical need for robust cybersecurity measures within the healthcare industry. 

What are the main implications from the incident? Gerasim Hovhannisyan, CEO & Co-Founder of EasyDMARC,warns that as cyberattacks in the healthcare industry are becoming more common, measures need to be put in place by impacted organisations and their support service providers.

As an example of the vulnerabilities and potential for being hacked, EasyDMARC’s recent research found that one-third of healthcare facilities still lack basic email security protection.

Hovhannisyan explains: “Ransomware attacks on healthcare systems are a ticking time bomb, as the recent IT and phone system attack on McLaren Health Care clearly displays. As healthcare networks and systems become increasingly interconnected and advanced technology creates a more accessible and dangerous cybercrime landscape, disruptions like this are becoming commonplace, putting organizations and their patients in jeopardy.”

In terms of the general landscape, Hovhannisyan  details: “Hackers are targeting healthcare organizations every day due to the sensitive nature of their data and the potential for significant financial gain.”

The advantages are: “This emphasizes a critical need for zero-trust architecture, a robust incident response plan including regular security awareness training, and strategic tool adoption that will offer an added layer of defence against attempts to access data and disrupt operations.”

Overall weaknesses in the health sector exist: “While McLaren’s prompt communication with patients is commendable in this case, and communication can play a significant role in reputation maintenance amid a cyberattack, the situation still highlights a glaring vulnerability: the danger of dependency on technology like digital databases without sufficient offline backups or security measures in place to protect them.”

Returning to the overall impact of the recent incident and others of a similar nature, Hovhannisyanpoints out: “The human and financial cost of attacks like this are staggering and healthcare organizations must prioritize cybersecurity technology, updated systems, and proactive threat protection. The future of patient care depends on it.”

Hovhannisyan weighs up how healthcare organizations can safeguard patient information and ensure operational efficiency even in the face of cyber threats.