A new report has found that Australia’s healthcare sector is ill-equipped to fend off cyberattacks compared with other regions, and that ransomware attacks are on the rise as a result of vulnerabilities caused by the global COVID-19 crisis.
Global technology services provider NTT Ltd recently launched its 2020 Global Threat Intelligence Report, which reveals that despite efforts by organisations to layer their cyber defences, attackers are continuing to innovate faster and automate their attacks.
While the technology and government sectors were more frequently targeted, the report showed Australia’s healthcare sector is less mature than other health markets in terms of cyber resilience.
A score of 0.96 put it behind the global average of 1.12, with The Middle East and Africa topping the category with a score of 1.56, ahead of the Americas on 1.24. However, Australia performed better than Europe (0.88) and Asia-Pacific (0.45).
Mr John Karabin, NTT’s Australian director of cybersecurity, said the healthcare sector has always been a key target for cyber criminals.
He said a combination of highly sensitive personal data and poorly defended networks created a high risk-reward situation. Australia’s healthcare sector also has a significant reliance on legacy systems, which are typically tough for IT leaders to protect because they are disparate, siloed and vulnerable to unsophisticated attacks.
“As Australia starts to bring more of these systems online, by connecting them to the internet and to one another, we’re bringing 10-year-old devices into contact with threats that they have not encountered before,” Karabin said.
“And whilst our research showed that threats are evolving, we also found that old vulnerabilities persist because organisations aren’t performing basic cyber hygiene practices such as patching. This trend is particularly problematic in industrial and legacy technology environments, including healthcare.”
COVID vulnerabilities
Karabin said cybersecurity has not traditionally been a priority for healthcare providers, which typically focus budgets and technology on saving lives and maintaining health.
While moving systems on to a cloud system is the correct way forward, Karabin said this also brings new threats. NTT found that application-specific (40%) and web-application (20%) attacks were dominant in Australia, accounting for nearly 60% of all attacks combined.
The current COVID-19 crisis has also demonstrated that cyber criminals will take advantage of any situation.
“We are already seeing an increased number of ransomware attacks on the health sector and we expect this to get worse before it gets better,” he said.
“Accelerated shifts towards web-applications will open up new vulnerabilities and the rise of Medical Internet of Things, or MIoT for short, is also becoming an attractive target for adversaries looking to break into IoT-based information systems.”
In Australia, a malware called Conficker was the most commonly detected, accounting for 14% of all malware detections. This is a worm that is now nearly 10 years old, however, remains the most detected piece of malware on the internet.
“This tells us that old vulnerabilities are remaining active targets but adversaries are leveraging artificial intelligence and machine learning to automate attacks and increase volume,” Karabin said.