A closer look at healthcare’s battle with AI-driven attacks

With its wealth of sensitive patient data, the healthcare industry has become a prime target for cybercriminals leveraging AI tools. As these threats continue to evolve, it’s important to understand how AI is shaping the cybercrime landscape in healthcare and what can be done to mitigate these risks.

In this Help Net Security interview, Troy Hawes, Managing Director at Moss Adams, discusses how AI-powered cyberattacks affect healthcare organizations, the crucial role AI-powered predictive analytics can play in preempting cyber threats, and how healthcare organizations can protect their staff and patients from deception and exploitation.

How has AI changed the landscape of cybercrime in healthcare? How do AI capabilities enhance the efficiency and sophistication of cybercriminal operations?

Artificial intelligence (AI) has significantly transformed the landscape of cybercrime in healthcare. Cybercriminals can now employ AI capabilities to automate and scale their attacks, making them more efficient and sophisticated. Cybercriminals employing AI-powered tools can identify vulnerabilities, launch targeted attacks, and evade traditional security measures. Once they gain access to a healthcare organization’s system, cybercriminals can utilize AI to analyze large datasets, allowing them to gather valuable data, such as patients’ personal identifiable information (PII), for identity theft, fraud, or ransomware attacks.

The increased efficiency and sophistication of AI-powered cyberattacks pose a significant challenge for healthcare organizations, requiring them to adopt advanced AI-driven security solutions to proactively counter these evolving threats effectively.

How significant is the threat of AI-powered cyberattacks to healthcare organizations compared to other sectors?

The threat of AI-powered cyberattacks to healthcare organizations is extremely significant. Healthcare organizations hold vast amounts of sensitive patient data, making them attractive targets for cybercriminals. AI-powered attacks can exploit vulnerabilities in medical devices, compromise electronic health records, or disrupt critical healthcare services – forcing organizations to quickly revert to paper systems and human intervention for equipment monitoring or record exchanges.

According to data published by the U.S. Department of Health and Human Services’ Office for Civil Rights, there have been 479 cyberattacks on healthcare organizations this year. The vital data and PII cybercriminals gain access to when targeting healthcare organizations makes them a prime target for cyberattacks, specifically ransomware. The loss of data, or the inability to access data, is only one of the implications of threats like ransomware. There are also several intangible costs associated with data breaches, such as increased insurance premiums, costs of credit monitoring, time and expense to investigate, and more.

The FBI advises businesses not to pay, and every business needs to decide how they will respond, but a business may be able to deduct the ransomware payments from its taxes. Companies have previously written off these payments as necessary expenses, but every business should consult with their financial advisor or tax attorney before doing so.

How has AI-powered predictive analysis been instrumental in preempting cyber threats in healthcare settings?

AI-powered predictive analytics can play a crucial role in pre-empting cyber threats in a healthcare setting. By analyzing patterns and anomalies in network traffic, AI algorithms can detect and identify potential threats before they materialize. This proactive approach enables security teams to respond swiftly, patch vulnerabilities, and strengthen defenses. It allows healthcare organizations to mitigate the risk of successful cyberattacks by being able to react to potential threats in real time.

AI-powered predictive analysis tools also help in identifying emerging attack vectors and adapting security strategies accordingly. By leveraging AI’s ability to process vast amounts of data and detect subtle patterns, healthcare organizations can stay one step ahead of cybercriminals and proactively protect their systems and sensitive information.

With the rise of AI-generated deepfakes, how can healthcare organizations protect their staff and patients from being misled or exploited?

Healthcare organizations can implement robust authentication and verification mechanisms to protect staff and patients from AI-generated deepfakes. Multi-factor authentication, biometric identification, and secure access controls can help prevent unauthorized access or manipulation of sensitive information. Identifying whether an image, video, or audio recording of your doctor or patient is a deepfake isn’t straightforward.

Preventative technology can support an organization’s security presence, but educating staff and patients about the existence and risks of deepfakes can enhance awareness and vigilance, enabling them to identify and report potential instances of deception. Healthcare organizations could also invest in AI-powered deepfake detection tools that can analyze audio, video, and image content to identify signs of manipulation, ensuring the integrity of information and maintaining trust in the healthcare system.

With AI playing a bigger role in cybersecurity, are there emerging ethical or privacy concerns healthcare professionals should be aware of?

Healthcare professionals should be aware of the potential ethical and privacy concerns when implementing preventative AI-powered technology, such as predictive analysis tools. Using AI algorithms to process and analyze patient data raises questions about data privacy, consent, and potential biases in decision-making. Healthcare professionals must ensure that AI systems comply with ethical guidelines, maintain patient confidentiality, and prioritize transparency and accountability in their use.

Healthcare professionals should also be cautious about potential biases in AI algorithms that could impact patient care or perpetuate existing healthcare disparities, such as not factoring in social determinants of health (SDOH) for a patient. Striking the right balance between leveraging AI’s capabilities and upholding ethical standards is crucial to ensure the responsible and secure use of AI in healthcare cybersecurity.

Given the continuous evolution of cyber threats, how do you see AI evolving to address these challenges in the healthcare sector over the next decade?

In the next decade, healthcare organizations will need to be more proactive in implementing AI-based threat detection and response systems to safeguard patient data and maintain the integrity of their operations. AI will evolve significantly during the next decade to address the challenges posed by evolving cyber threats in the healthcare industry.

AI algorithms will become more sophisticated in detecting and mitigating emerging threats, leveraging advanced machine learning techniques and real-time threat intelligence. We will also see AI-powered anomaly detection, behavior analytics, and predictive modeling enhance the ability to identify and respond to cyber threats promptly, bolstering the overall security posture of healthcare organizations.

AI will play a crucial role in automating incident response, enabling faster and more effective containment and remediation of cyber incidents. As AI continues to evolve, it will become an indispensable tool for a healthcare organization’s security posture, helping safeguard patient data and providing continuity of critical healthcare services.