Protecting Healthcare Payments from Cyber Attacks: Tools and Strategies

In April 2022, a medical billing company based in New York became the victim of a serious ransomware attack. Bad actors stole personal and financial data of patients from 26 healthcare institutions who were the company’s clients. The billing company had to notify almost 1 million individuals that their data had been stolen.

Over the last few years, organizations and fintechs that process payments for healthcare providers have become a hot target for cyber attacks. Bad actors see that it’s much more efficient to go after one payment processor than to attack multiple hospitals one by one. Cyber criminals can get healthcare data about patients, as well as financial data from payers and providers in one shot.

Research from Sophos, a cybersecurity company in Massachusetts, showed that the percentage of healthcare organizations reporting ransomware attacks last year in healthcare almost doubled to 66% compared to 34% in 2020. The industry also saw the highest increase in volume (69%) and perceived complexity (67%) of cyber attacks. The time it takes to recover from the technical impacts of cyber incidents can range from one week up to one month. Fixing the damage to the company’s reputation can take much longer.

Cyber security attacks can obstruct operations and patient care. In October 2021, a cyber attack disrupted the Newfoundland and Labrador healthcare system. Thousands of appointments for local residents were canceled as a result of the attack, ranging from blood work to cancer care. The attack also caused a delay in medical procedures and the province’s COVID-19 testing program. Research shows that these attacks can result in increased patient mortality rates or complications following medical procedures.

As we prepare for 2023 and anticipate the continued complexity and volume of cyber threats, there are tools to help healthcare providers, payment processors, and fintech companies improve their resilience to cybercrime.

1. Real-time End-to-End Payment Monitoring

While fintech platforms for healthcare help increase payment collection and eliminate financial barriers, providing sensitive data to a third party means there are more opportunities for criminals to exploit. The current payment environment has also become complex, with the development of real-time rails and the resulting instant, irrevocable payments.

To protect healthcare payments, it’s essential to ensure continuous risk monitoring of the payment journey at every endpoint in real-time. All payment message fields, metadata, response-request timing and network communications information should be decoded in real-time to avoid cybercrime detection lag times. This also provides enhanced data elements for analysis.

Real-time payment monitoring helps automatically screen each link of an in-flow payment transaction, as it traverses across multiple customer endpoints, technologies and network infrastructures – making it easy to assess in milliseconds where missing transaction links, transaction path deviations or suspicious activity is occurring.

INETCO’s Client Success: See how Moneris Solutions uses INETCO Insight transaction monitoring to monitor payment applications in over 350,000 merchant locations.

2. The Precision of Cyber Attack Blocking

As healthcare organizations and their payment providers take steps to protect themselves from cyber attacks, they very often face another problem – too many false positives. Some cybersecurity solutions can block traffic only at the IP address and port level, which blocks legitimate patients along with the criminals.

Newer cybersecurity solutions with supervised and unsupervised machine learning models can identify the individual messages associated with an attack and automatically block only those messages or malicious traffic. Legitimate customer transactions and traffic continue to be processed without any latency being added.

In 2022, we’ve also faced the increased complexity of cyber attacks. Research shows that intelligent bot attacks are now three times harder to detect as they have evolved to be effective at mimicking human behavior. Sophisticated cyber attacks can bypass existing web application firewalls (WAFs) and other defenses (e.g. CAPTCHA) to attack web servers and API gateways. To solve this, fintech companies and healthcare payment collectors can explore solutions that automatically detect and block cybercrime application layer attacks without impacting legitimate transactions.

3. Staying on Top of Modern Cyber Threats

Whether it’s continuous cyber attack education for your staff or regular review of your technology stack and operations to eliminate weak links, prevention is always cheaper than dealing with the costs of an attack.

Evaluate new cyber threats to understand how your systems will (or will not) protect from them.

Increased collaboration with local governing bodies on cybersecurity will also help strengthen business resilience to cybercrime. For example, the FBI recently notified businesses of a rise in bad actors compromising user credentials of healthcare payment processors to redirect payments from their victims to bank accounts under their control. During one cyber incident, criminals redirected $3.1 million from victims’ payments. In their Private Industry Notification document, the FBI also recommended a few steps to help mitigate similar risks.

Need to protect healthcare payments from advanced cyber threats and provide a seamless patient experience without interruptions? Get in touch with one of our experts.