When hackers target health systems, they operate like 'Ocean's Eleven,' Toby Gouker, chief security officer of government health at First Health Advisory, told Politico May 14.
"If you're thinking of the movie 'Ocean's Eleven,' they do that same kind of thing: They study the casino, they learn where the money is kept, where the traffic flows, where the guards are," he told the publication.
Cyberattacks against the healthcare industry have surged in recent years. According to the HHS Office for Civil Rights, from 2022 to 2023 there was a 141% increase in large breaches reported to the agency. Additionally, the agency said that ransomware attacks have increased by 264%.
This comes as two healthcare organizations, St. Louis-based Ascension and UnitedHealthcare's subsidiary Change Healthcare, reported ransomware attacks. But, according to Mr. Gouker, hackers didn't always target healthcare. He told Politico hacking groups used to avoid the industry because they "seemed to have a little bit of ethical behavior." But due to law enforcement action against hacking groups, this is changing.
In February, the Cybersecurity and Infrastructure Security Agency warned that the hacking group that deployed ransomware against Change Healthcare had encouraged its affiliates to target hospitals. The warning followed action by government officials against the group in December 2023.
Additionally, CISA warned about Black Basta, another ransomware-as-a-service group that is allegedly behind the Ascension attack. This group has targeted two healthcare organizations.
Mr. Gouker said healthcare isn't prepared for these attacks.
"Their defenses are a lot more immature than other industries — finance, retail, even oil and gas," he said. "Those industries are battle-hardened. They'd been attacked 10 to 15 years ago."
But the American Hospital Association disagrees, saying most breaches are due to vulnerabilities in third-party technology.
"Hospitals and health systems have invested billions of dollars and taken many steps to protect patients and defend their networks from cyberattacks," an AHA spokesperson said in a statement to Politico.