Increased interconnectivity of medical devices and the proliferation of medical data has made the healthcare industry a very lucrative business for cybercriminals. Several reports indicate that healthcare is on top of all industries being mostly affected by cyberattacks. The most common form of incidents includes stealing patients’ personal and medical records and encrypting them for ransom money by preventing medical staff from accessing patient information. But capable terrorists could also be able to render active medical devices deadly.
Yet, the level of awareness, funding and efforts allocated to cybersecurity in healthcare is very low, especially considering the costs arising for response and recovery from a potential attack and the overall damage cased in the aftermath of an attack, impacting the organisation’s reputation or even existence.