Artificial intelligence has seen increased adoption in health care with dozens of promising results, including the ability to spot breast cancer and diagnose blood diseases much quicker than humans. However, AI is proving a double-edged sword, equipping cybercriminals with the tools to conduct sophisticated attacks with far-reaching consequences.
As the frequency of AI-based cyberattacks targeting the medical sector increases, organizations must figure out how to avoid falling victim and mitigate future risks.
Health Care Is a Prime Target for Cybercriminals
Given the amount of regulations and strict guidelines involved, you’d expect the medical industry to have advanced protection against cybercrime. However, it has been one of the most targeted by cyberthreat actors over the last decade.
Data breaches in the industry have increased 53.3% since 2020, according to an IBM report. Worse still is that the health care sector has recorded the most expensive data breaches for 13 consecutive years at an average cost of $10.9 million. There are four primary reasons for such intense focus on this industry:
- Sensitive data: If you think about it, no other sector handles as much private data as health care. Everything from patient health history and diagnostic information to insurance details and payment data is a treasure trove coveted by cybercriminals. Stolen health records are 10 times more lucrative than stolen credit card numbers.
- Urgent infrastructure: Hospitals and medical facilities provide timely critical care. As such, they cannot afford to have their operations shut down for prolonged periods. This makes them likely to meet attackers’ demands and pay ransoms without drawn-out negotiations.
- Networked devices: With the advancements of the Internet of Medical Things, everyday medical devices such as MRI machines, pacemakers and wearables can become a target for cyberattacks. These items often have poor security or operate on outdated programs, creating vulnerabilities for criminals to exploit.
- Limited training opportunities: Health care professionals are busy, and while they may receive cybersecurity training now and then, cyberthreats can often evolve more quickly.
“The average cost to remediate a health care data breach is nearly three times that of other industries.”
How AI-Based Cyberattacks Occur
Phishing is the leading cyberattack vector in the medical industry. The number of advanced email attacks increased by 167% in 2023, a testament to its infamy so far. This social engineering scam tries to trick you into revealing personal information or installing malware.
What’s most alarming about this issue is the realization that cybercriminals can ask generative AI tools to create the entire email sequence in the most convincing way possible. Today’s phishing artists don’t even need advanced cyberskills — anyone with an online device is a potential risk.
A few years back, spotting these scams with the usual telltale signs — poor grammar, abnormal sentence structure, unforgivable typos and the like — was easier. However, with generative AI, cybercriminals can create as many texts as they want in simple conversational English and with all the correct verification info.
Globally, threat actors send over 3 billion phishing emails, accounting for 1% of all email traffic daily. It takes just one unsuspecting click on a malicious link to compromise private information, providing hackers with enough details to blackmail and extort health care organizations.
“80% of cyber incidents resulted from employees’ poor password hygiene.”
Automated Malware
Advanced generative AI tools have been trained on massive amounts of publicly available source code and programming languages, including Python, JavaScript, Prolog and Verilog. For example, IBM’s watsonx Code Assistant allows developers to enter commands in plain language to generate output in code.
How long until this innovation becomes freely available across all AI platforms? Anyone with the proper prompts can generate countless malware variations with specific attributes, such as adaptability and detection avoidance.
AI-Powered Distributed Denial of Service (DDoS) Attacks
Malicious actors can use machine learning to train their systems to replicate a predefined decision-making process. From there, it can carry out automated DDoS attacks, scraping data for vulnerabilities and sending vast amounts of false connection requests to the health organization’s specific servers.
DDoS and phishing are the main precursors to ransomware attacks, in which the criminals demand ransom to restore system access or to maintain confidentiality. The February 2023 cyberattack on Regal Medical Group, which affected over 3.3 million patients, is a stark reminder of the severity of ransomware.
Deepfake Technology
You’ve probably come across tons of AI-generated deepfake content all over the internet. These false videos and images appear genuine and can be instrumental in impersonating patients or medical personnel for financial gain.
This technology can also be used to spread misinformation and facilitate extortion. For example, hackers could create deepfake videos of unsavory practices at a hospital and threaten to release them unless they get money. Though innocent, such malicious content can tarnish the hospital’s image, threatening patient trust and inviting possible regulatory proceedings.
“Health care organizations must implement robust security mechanisms to protect staff and patients from AI-generated deepfakes.”
Safeguarding Against AI-Enhanced Cyberattacks in the Medical Industry
No organization is entirely risk-free from potential cybersecurity incidents. Nevertheless, health care facilities must take a holistic, proactive approach to protect their private information without compromising patient care. These five risk-mitigating tips can help provide a viable starting point:
Conduct Regular Security Assessments
Every application, including health care equipment and software, eventually gets outdated. These create potential entry points for cyberattacks, weakening the overall security system. Regular security audits help catch these vulnerabilities before hackers find and exploit them.
Foster a Security Culture
Human error accounts for 95% of cybersecurity issues globally. Nurturing a culture of security awareness among hospital employees is essential. This means treating patient information as they would the patient and evaluating the potential security impacts of everyday decisions. It should also include ongoing training on the latest threat landscape and best practices.
Develop an Incident Response Plan
A plan to handle certain cybersecurity incidents helps medical organizations mitigate potential losses. This includes identifying key personnel to contact, establishing communication channels and outlining the steps to follow for the best possible outcome.
“Organizations with an incident response plan can benefit from 58% cost savings in the event of a breach.”
Double Down on Data Security
With data breaches in the health care industry costing millions, investing in high-end data security solutions is significantly cheaper. A robust network secured with cutting-edge encryption, advanced firewalls and next-gen intrusion detection systems is considerably more difficult to breach.
Implement AI Cybersecurity Solutions
Just as online hackers leverage AI to launch more potent attacks, organizations can also utilize it to supercharge their network defenses. For example, AI-powered systems can analyze massive amounts of data to identify abnormal behavior and possible malicious activities. This enables faster threat detection and response.
“Organizations that use security AI and automation can save over $1.7 million compared to organizations that don’t.”
What to Do About Rising AI-Based Cyberattacks
The caliber of sensitive data in the health care sector makes it an attractive target for cybercriminals. As instances of AI-based attacks continue to mount, organizations must employ a multifaceted approach to cybersecurity. New threats occur daily, so security systems must be resilient and always up to task.
