In the last two years, the number of cyberattacks detected at hospitals has increased exponentially, and healthcare has become the No. 1 target for cybercrime. According to Bitdefender telemetry, the healthcare sector was almost 60% more susceptible to online attacks in March 2021 than in February. Cybercriminals have clearly leveraged the pandemic to their advantage, at a time when hospitals lack the bandwidth to safeguard patient information and often use outdated systems. Physicians are the most frequent targets, as they hold access to patient records and so become vulnerable to a cyberattack.

The most shocking case was the attack on Dominion National’s two main business units, discovered only in 2019, almost a decade after it started in August 2010. Though quick recovery steps were taken, it shows how many cyberattacks are already underway and simply have not surfaced yet.

More recently, LabCorp, one of the largest clinical laboratory networks in the world, was attacked and at least 10,000 documents were left exposed on LabCorp’s website due to a security vulnerability in a connected back-end system.

With such rising concerns, nearly a third of hospitals and health systems are planning to implement biometrics (29%), digital forensics (28%), or penetration testing (28%) within the next 24 months, according to new HIMSS Media research. Yet 43% say funding is the barrier to tackling the security challenges.

Common factors that led us here…

The most common factors that made healthcare the No. 1 target for cybercrime are biomedical devices running on older versions of Windows and organizations’ endpoints running out-of-date, under-patched versions of software used by employees every day. All this, along with cybercriminals using the sharpest phishing emails, makes the perfect environment for an incident. The targets are mostly vulnerable, unmonitored internet-facing assets, which give away a healthcare organization’s network more quickly than anything.

Dan Bowden, VP & CISO, shared with QG Media how particular parts of the workflow became automated and digitized and technology platforms were developed. ‘Take an example of cardiology or lab systems: we had a lot of stovepipe systems that had to be connected. What was not well understood back in the day was the risk that came from not doing good security hygiene and segmentation. There wasn’t a lot of good security design and it didn’t account for allowing only minimum access and service ports necessary. Even the most technically sound radiologist and support people weren’t technology people by trade, yet they became the owner of technology platforms and focused more on keeping the platforms running than security. We did get away with this for a while. That was until 10 years ago, when hackers started understanding how simple it was to target healthcare.’

[Figure: bar graph of the most impactful types of data breaches reported by healthcare companies]

It is really unfortunate that no industry, including manufacturing, has been affected as much as healthcare. Ransomware demands have escalated each year, with attacks inevitably becoming more sophisticated, undetectable, and bespoke. They carry the power to cripple the entire healthcare industry, which would lead to unthinkable repercussions. Because healthcare is critical infrastructure, it is difficult to see patients struggling to get medical attention or going untreated because of ransomware attacks on the hospital or the organization managing the hospital data.

We asked Chuck Brooks, the thought leader and influencer in cybersecurity:

How can we safeguard the critical infrastructure of industries like healthcare in the coming future?

‘Public-private cooperation is key to protecting critical infrastructure (CI) in terms of collaboration of security processes and threat information sharing. The reality is that the private sector owns and operates most of the critical infrastructure. The government is needed to assist as CI is being targeted by state actors with capabilities to inflict harm. To help ameliorate threats, critical infrastructure operators should apply a comprehensive risk framework to address vulnerabilities to OT/IT convergence including “security by design”, defense-in-depth, and zero trust to counter cyber threats. It is especially important for the public and private sectors to coordinate and apply and enforce industry security protocols.

There are also a variety of promising technologies being developed by both industry and government that can be used for safeguarding critical infrastructure, including artificial intelligence to scan networks and discover threats. Some newer areas of cybersecurity technologies that are fortifying infrastructures are being developed in the areas of cloud security, authentication, and biometrics. Automation is an emerging and effective cybersecurity pathway. Dedicated resources and the assimilation of emerging technologies such as artificial intelligence and machine learning can help automate detection and trigger cyber defenses. New innovations in networks, payloads, endpoints, firewalls, antivirus software, and encryption can also be factors that harden critical assets against attacks.

Healthcare critical infrastructure has become a major hacker target for several reasons. Hospitals and medical facilities are susceptible to phishing attacks and insider threats because of the large data flow throughout various systems. There are many points of vulnerability for malware/ransomware extortion because their systems are networked with multiple stations and devices. In addition, most workers in medical facilities are not trained in basic cybersecurity hygiene. One path forward to mitigate cyber gaps is enhanced collaboration between manufacturers and medical providers to ensure the production of upgraded hardened devices with software packages with cybersecurity features to counter newer and more sophisticated hacker threats. Also, access management of these devices needs to be strengthened and enforced through new protocols and processes. Clearly, industry, government, and the entire healthcare community have a stake in the outcome of safe medical care put at risk by cyber threats.’

Every aspect of healthcare, from confidential data to clinical trials and research, comes under the radar of cybersecurity. The government and industry experts are coming together to put in place cybersecurity technologies, standards, and processes. Dan shed light on the current state of the healthcare industry: ‘The good news is that the last five years have been great for public-private sector coordination. The vendors who deploy and manage these technology solutions are partnering closely with the CIOs and CISOs as well as with the Department of Homeland Security and the Dept. of Health and Human Services to help health organizations in protecting their data and patient services. There are a lot of workgroups that are doing great work, coordination where you can participate and talk about nearly any security topic to improve.’

This gives us a ray of hope for sure. And while things have started to get on track for healthcare institutes, there is still a way to go for small and medium-sized companies. Everyday healthcare is yet to be fully equipped for the brutal, ransom-demanding attacks that the industry forecasts.
