The healthcare industry is one of the most important, and most targeted, industries in the world. We rely on healthcare services to help diagnose, prevent, and manage diseases, promote health, etc. As cyber-attacks have become an everyday occurrence, cybersecurity must be made a priority in this industry. Cybercriminals often target healthcare providers for the personally identifiable information (PII) that they hold. These attacks can threaten patient safety by putting lives in danger. We will discuss the common types of cyber-attacks as well as how to mitigate their risk.
Types of Cyber-attacks in Healthcare (Work in Progress)
1. Email Phishing
Phishing continues to be one of the most common methods cybercriminals use to breach a system. A phishing email attempts to trick the recipient into believing that it comes from a legitimate source, so that the recipient ultimately provides the cybercriminal with valuable information. Phishing emails often appear urgent, requiring things like banking information or accounts to be verified to prevent some adverse action. Once the information is provided, the cybercriminals can begin account takeovers. If links are clicked or attachments are opened, malicious software like viruses could be downloaded and begin to affect the network. At this point, sensitive information could be accessed and transferred from your network.
2. Ransomware
When a user clicks on a malicious link, downloads a malicious attachment, or visits an infected site, they run the risk of ransomware being downloaded onto the network. Ransomware is a type of malware that encrypts data on a device or, if allowed to spread, across a network. Once the data is encrypted, cybercriminals direct the owner of the data to either pay the ransom to unlock the data or have it destroyed. However, paying the ransom doesn’t guarantee that the cybercriminals will decrypt the data.
3. Loss or Theft of Equipment
As mobile devices have entered the workplace, the risk of them being lost or stolen has risen. Healthcare providers rely on these mobile devices to quickly access and chart patients, code visits, etc. Losing a mobile device to theft or human error could put patient safety and PII at risk.
4. Connected Medical Devices
Internet-connected medical devices have been entering the healthcare industry at an increasing rate. Any device connected to the internet has the risk of being hacked. One of the biggest threats to Internet of Things (IoT) devices is the lack of regular patches. In June the Department of Homeland Security released an alert about a group of 19 vulnerabilities known as Ripple20. This group of vulnerabilities affected hundreds of millions of IoT devices, including connected medical devices. These vulnerabilities could lead to remote code execution, allowing hackers to take control of the device. In 2019, researchers in Israel discovered that CT and MRI machines were susceptible to malware that could remove or add fake cancerous nodes to a scan before it could be examined.
How to prevent cyber-attacks (Work in Progress)
Security Awareness Training
Users should be regularly trained on the organization’s security practices and policies. This allows them to understand what is expected of them to protect patient and company data. The training should explain to the user some of the common security threats they may encounter and how to report a suspected security incident.
Utilize Encryption
With healthcare practitioners constantly on the move, it is important to keep sensitive data protected. Sensitive data should be encrypted in transit and at rest. Disk encryption software such as BitLocker can help secure laptops and other mobile devices. If a practitioner needs to access sensitive data while traveling, implementing a Virtual Private Network (VPN) would encrypt all network traffic. If the data lands in the wrong hands, whoever holds it would not be able to access it without the encryption keys.
Enable Backups
Regularly scheduled backups of sensitive data can combat many cybersecurity risks. From ransomware to accidental deletion of data to disaster recovery events, having up-to-date backups allows an organization to return to normal business operations quickly. Organizations must define the frequency of backups as well as their Recovery Point Objective (RPO) in their security policies. The RPO is how far back in time the data was last preserved in a usable format, such as a backup. Once the RPO is defined, the frequency of the backups can be defined. For example, if an organization has an RPO of 1 hour, the backups must be done once an hour.
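As an added illustration (not part of the original article), the following Python sketch audits a backup job history against an RPO and reports every window in which data stayed unprotected for longer than the RPO allows. The job-history format, the function names, and the sample timestamps are assumptions constructed for this example.

```python
from datetime import datetime, timedelta

# Constructed sample: an hourly job history in which the 03:00 run failed.
SAMPLE_JOBS = [
    ("2024-01-10T00:00:00", "success"),
    ("2024-01-10T01:00:00", "success"),
    ("2024-01-10T02:00:00", "success"),
    ("2024-01-10T03:00:00", "failed"),
    ("2024-01-10T04:05:00", "success"),
    ("2024-01-10T05:00:00", "success"),
]

def successful_times(jobs):
    """Only completed backups are restore points; failed runs do not count."""
    return sorted(datetime.fromisoformat(ts) for ts, status in jobs
                  if status == "success")

def _windows(points, now):
    # Each restore point paired with the next one; the last is paired with
    # `now`, because data written since the latest backup is also at risk.
    return list(zip(points, points[1:] + [now]))

def rpo_violations(points, rpo, now):
    """Return (start, end, gap) for every window longer than the RPO."""
    if not points:
        raise ValueError("no successful backups recorded")
    return [(s, e, e - s) for s, e in _windows(points, now) if e - s > rpo]

def worst_case_loss(points, now):
    """Largest amount of data, measured in time, that could have been lost."""
    if not points:
        raise ValueError("no successful backups recorded")
    return max(e - s for s, e in _windows(points, now))

if __name__ == "__main__":
    now = datetime.fromisoformat("2024-01-10T05:30:00")  # constructed audit time
    points = successful_times(SAMPLE_JOBS)
    for start, end, gap in rpo_violations(points, timedelta(hours=1), now):
        print(f"RPO exceeded: {start} -> {end} ({gap})")
    print("Worst-case data loss:", worst_case_loss(points, now))
```

A single failed job turns an hourly schedule into a gap of more than two hours, which is why the audit counts only successful runs rather than scheduled ones.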
Patch Systems Regularly
System patches should be tested and implemented to ensure systems are updated to the latest version. Unpatched systems run a great risk of being vulnerable to several attacks. Since manufacturers release patches at different frequencies, organizations should subscribe to alerts for when patches are released.
Install Anti-Malware Software
If someone attempts to download malicious files or software onto your network, anti-malware software can detect, block, and quarantine them. When utilizing anti-malware software, make sure that the manufacturer is regularly updating its signature database. This ensures that the software is actively scanning for some of the latest malware to come out.