Cyber Attacks: How the Cloud Can Become a Threat to Sensitive (Health) Data

The healthcare sector has been hit hard recently. Numerous cyberattacks have paralysed clinics and care facilities. Sensitive healthcare data has been stolen on a massive scale. This is why facilities often see the solution in the cloud. But security problems lurk there too.

The healthcare sector is one of the sectors most affected by cyberattacks. Hospitals and medical facilities are experiencing a wave of cyberattacks that not only paralyse operations, but also lead to the theft of sensitive patient data on a massive scale, often due to security deficits. The cloud is supposed to provide a remedy – facilities are hoping for secure data management. But even in the cloud, security measures are essential and cloud applications in particular require specific expertise

A spectacular case recently made the headlines. The reason for this is the amount of damage and the extent of a ransomware attack. The victim was the US cloud service "Change Healthcare", which belongs to the insurance company UnitedHealth Group. According to the news agency Reuters, the total amount of damage so far is said to be 1.6 billion US dollars. It is made up of several high ransom payments and the cost of restoring the IT systems.

However, the stolen health data could have even more serious consequences: This is likely to affect around a third of the US population, as company CEO Andrew Witty said at a hearing in the US Senate. According to the company, the analysis is still ongoing and it will take months to finalise the number of people affected. In the meantime, the first data records have already been offered on the darknet.

US government and authorities react

Change Healthcare is the central billing system for the healthcare industry in the USA and also the largest platform for data exchange between doctors, pharmacies, healthcare providers and patients. The scope of the cyberattack even led to the US government getting involved alongside the US security agencies CISA and the FBI. At times, pharmacies were no longer able to function and even US military hospitals abroad were affected.

There have also been spectacular security incidents at healthcare providers in other countries. For example, a few days ago at the Australian prescription service MediSecure. The company handles the prescribing and dispensing of prescriptions. It is therefore assumed that health data from several million Australians was stolen in the attack. This comes after an attack on the health insurance company Medibank made waves the year before last, in which the health data of a large proportion of the population was stolen.

A worthwhile goal: healthcare sector in the crosshairs

Not without reason has the healthcare sector recently been increasingly targeted by cyber criminals. Attackers know that they can steal highly sensitive data or jeopardise human lives through failures. This increases the willingness to pay for ransomware attacks. Even in Germany, the healthcare sector has not been spared serious incidents in recent years. Hardly a week goes by without a report of a cyberattack on a healthcare facility. According to a study, attackers steal an average of 20 per cent of existing data during these attacks. In other sectors, the figure is just six per cent. Experts blame this on an investment backlog in the IT sector, particularly in cybersecurity. 

Many IT managers see the cloud as a solution

Many IT managers therefore see the cloud as a cost-effective alternative. The trend in the healthcare segment has also been moving towards the cloud in recent years. According to forecasts, over 100 zetabytes of data will be stored in the cloud by 2025. In 2023, the total global value of the cloud market was already around USD 626 billion. According to one forecast, it is expected to grow to around 1266 billion by 2028, which corresponds to annual growth of over 15 per cent.

Trust in cloud solutions is not justified per se

Companies generally seem to place a lot of trust in cloud computing, as according to a survey, around half of companies also store confidential data in the cloud. If healthcare organisations move data to the cloud, the risk situation immediately changes. However, if healthcare data is stored in the cloud or managed via cloud services, adapted security precautions are essential, as access is now possible worldwide, for example. The frequent assumption that data is inherently more secure in the cloud cannot be realised without appropriate measures.

Cloud security with specific requirements

Security precautions for cloud services usually differ fundamentally from the conditions in in-house data centres. On-premise IT is usually taken care of by in-house IT specialists. Many organisations therefore assume that the provider takes care of IT security in the cloud. However, this is rarely the case. This results in security deficits: Misconfigurations in the cloud infrastructure are one of the most common gateways used by attackers.

Many security providers therefore have corresponding offers in their programme. This has long since developed into a market of its own. According to the figures from the analysis portal Statista, sales of cloud security solutions in Germany will amount to around 459 million euros in 2027, which corresponds to an average annual growth rate of around 47 per cent between 2022 and 2027. If this forecast materialises, this would be a growth rate that other sectors of the economy can only dream of.

Author: Uwe Sievers

Cloud security - clear to cloudy?

Learn more about encryption, access controls and security policies for cloud-based systems to ensure data integrity, availability and confidentiality on our topic page.

Comprehensive information and numerous recordings of the presentations from it-sa Expo&Congress and it-sa 365 can be found on the cloud security page.