What are some common cyber threats?
There are many forms of cyber threats, but the common ones pertaining to the healthcare sector are:
- Email phishing attacks: Phishing attacks are commonly utilised by attackers. It involves an inbound phishing email comprising an active link or file, and may appear to originate from a trusted or legitimate sender. Accessing the link or file may either direct users to websites that solicit sensitive information or lead to downloading of malicious software1. Locally, 70% of incidents reported to Singapore Computer Emergency Response Team (SingCERT) by SMEs and members of the public occurred through phishing attacks2.
- Malware: Malware can be designed to disrupt or deny normal computer operations, steal information, or gain unauthorised access. There are many different types of malware such as virus, Trojan, spyware, botnet, worm, ransomware, and zero-day exploits.
- Loss or theft of equipment or data, and insider threats: Every day, devices such as mobile/smart phones, laptops, and hard drives are lost or stolen, and can end up in the hands of hackers. This is even more critical in the healthcare sector where sensitive information may be stored in such devices. The consequences can be even more dire if such devices do not have adequate encryption. In addition, insider threats, both accidental or intentional may exist within every organisation.
- Ignorance and apathy (“human forms of malware”): Apathy about cybersecurity hygiene hampers an organisation’s / practice’s ability to protect against cyber-attacks. The lack of interest, enthusiasm, or concern over one’s organisation or practice’s cyber health can be exploited by hackers.
What are the types of data breaches?
Contrary to popular belief, a data breach is not considered to be an attack or threat on its own. Typically, a data breach is the result of a cyber-attack, which allows criminals to gain access and steal personal data from a system without the knowledge or authorisation of the system’s owner, or it could be due to human error or an insider threat. Broadly, there are two types of data breaches:
- Physical Breach: This involves the physical theft of documents and equipment containing data. Physical assets such as laptops, desktop computers and external hard drives are at risk of a physical breach, while threat actors can also go hunting for documents that are not disposed of properly, a practice termed “dumpster diving”.
- Electronic Breach: This involves the unauthorised access or a deliberate attack on a system or network where data is stored. This can be due to acquiring access via web servers or websites due to a system’s vulnerabilities. Phishing, malware, and distributed denial-of-service are common techniques employed in an electronic breach.
Cause of data breaches
While most data breaches are attributed to cyber-related hacking or malware attacks, other frequently observed breach methods include:
- Insider leak: A trusted individual or person of authority with access privileges steals data. For example, an errant clinic employee with specific access privileges to the healthcare provider’s IT systems and database may be able to download patient medical records and disclose them to unauthorised parties.
- Loss or theft: Portable drives, laptops, office computers, files, and other physical properties containing health information are lost or stolen.
- Unintended disclosure: Through mistakes or negligence, sensitive health information can be exposed. For instance, personal health information may be accidentally uploaded onto online drives shared with third party vendors who may not require such information.
A data breach can happen to anyone, be it an individual, medical clinic or a large hospital. The data taken may include sensitive or confidential personal information such as patient medical history, sensitive patient diagnoses, financial information or contact details.