By Simeon Tassev, Managing Director and Qualified Security Assessor at Galix
Healthcare institutions, particularly hospitals, have long been a tempting target for cybercriminals. These institutions hold massive amounts of extremely sensitive and personal data that can be exploited in various cyberattacks. Moreover, with healthcare receiving more funding and grants due to COVID-19, it’s become a (perceived) easy target. The reality is that within healthcare’s IT systems lie critical patient information such as ID numbers, credit card and banking details and other highly sensitive data such as patients’ HIV status that can be used to cause considerable damage.
An ID number alone can fetch quite a price on the black market which is why the global healthcare system must stay ultra-vigilant and mitigate any damage and potential liability.
Currently, one of the most popular forms of cyberattack exploitation is blackmail. Unlike ransomware where cyber criminals hold company data to “ransom” with encrypted malware, they now simply gain access to sensitive data and threaten to expose it unless a specified amount is paid.
Healthcare institutions have no choice but to pay the blackmailed amount as exposing sensitive patient information can be disastrous to the individuals in question and overall patient confidentiality.
With the outbreak of COVID-19, hacking groups around the globe refrained from targeting healthcare institutions. However, this was short lived and in essence created a false sense of security which made healthcare institutions even more vulnerable.

Furthermore, healthcare institutions are the custodians of information and despite the call for individual cybersecurity vigilance, patients don’t have control over their information and can’t contribute in any way to protect the residing stored on these IT systems.
So, what can healthcare systems do to fortify its cyber security, particularly in an unprecedented time where healthcare workers are taking enormous strain to keep up with a daily influx of patients?
For one, healthcare organisations need to reinforce best practices in data protection, especially as it relates to the privacy and security of critical patient data. Security awareness is also key, cybercriminals target people, not only systems.
Educating all staff on the value of security is vital. With technology becoming more prevalent in everyday healthcare, it is important that the data protection becomes a fundamental component of modern-day medical practice.
Similarly, as cloud adoption accelerates across healthcare, efficient planning and controls must be put in place to mitigate vulnerabilities. Access to information from patients, caregivers, insurance agencies, and other stakeholders must be seamless and importantly, secure.
Lastly, and importantly, healthcare institutions must partner with security solution providers that provide expert services such as audits and solutions that will ensure organisations remain secure and resilient against any potential threats while focusing on its core competency.
More Articles
Scaling Africa’s Tech Ventures To Exit This Decade
Ending Violence In Mozambique Will Require United Effort; African Energy Chamber Stands Ready To Assist
What Happens To The African Energy Industry If Western Lenders Cut Off Loans For Fossil Fuel Projects?
Why Is The Fight Against Neglected Tropical Diseases Vital To The Fight Against Covid-19?
African Countries Must Take A Balanced Approach To The Energy Transition
Advancing The Global Black Community Across All Policy Priorities That Marginalize Black People
Exploring Optimal Leverage To Obtain Financing For African Women SMEs
Why Is It Necessary To Invest More Than Ever In Education In Africa?
An Economy On The Edge