The healthcare sector is at risk of ‘grunt bot’ attacks, which are one of many innovations hackers have come up with to save themselves time and give themselves the ability to hack their targets more easily and more efficiently.
Grunt bots – literally automated bots that can seek out weak and vulnerable systems and break into them for the hacker in seconds – can save a hacker potentially hours of manual work. The healthcare sector is at particular risk because they’re known to sometimes use outdated systems which can be more vulnerable to attack.
It’s another wake-up call that means, unless healthcare sector shapes up its cybersecurity, they are at risk.
We’re a year on from last year’s WannaCry attack that crippled parts of the NHS. The WannaCry attack used malicious software that targeted older and outdated systems because those systems are usually more vulnerable to attack.
As systems become outdated, their security is not always patched up, leaving them more vulnerable to attack.
With hackers now using automated ‘grunt bots’ to do the heavy work for them – reducing a job that could take hours down to mere seconds – medical data could be at greater risk in areas where the healthcare sector is using outdated systems and / or lacks cybersecurity. Once the grunt bots are in the systems, the hackers themselves can take over and that’s when the medical data is at risk of exposure.
Of course, it isn’t just the healthcare sector and medical data that’s at risk, but the fact that medical data is at the top of the most breached types of data, and because continuing funding issues mean there are areas of the healthcare sector using outdated – and therefore more vulnerable – systems, the risk is higher.
Will GDPR change the healthcare sector’s fortunes?
The introduction of the long-awaited GDPR last week means far more severe monetary punishments can be issued for data breach offenders, and greater powers for the ICO. The GDPR should be enough of a deterrent to ensure cybersecurity is prioritised, but we will have to wait and see.
Medical data remains a top target for hackers, so the healthcare sector is always at risk. As hackers innovate to make hacking easier, and targets more vulnerable, we have to tighten up our defences.