Cyber threats are growing for healthcare facilities as they become more digitized. With that digitization comes more digital information and data being available for hackers to access. Given this, it is important to mount effective defenses against any potential cyberattacks.
What makes healthcare facilities a target is the high value of data they carry on patients, staff and financial records, says Charlie Regan, chief executive officer at Nerds On Site. Such info is almost a watering hole scenario for attackers that they can extort multiple times when successful.
However, before healthcare facilities can put up a defense, they must know what types of threats are out there. These dangers come in many varieties, though a major one is ransomware. While Regan says the incidence of facilities paying ransoms is decreasing year over year, the ransoms themselves are getting increasingly larger. With ransomware attacks comes the risk of data exfiltration, which provides criminals with an extra set of targets to go after or just wholesale the valuable data.
In addition, there are many vulnerabilities within healthcare facilities, both technological and human. Both must be accounted for if there is going to be an effective cybersecurity program.
“The technological ones center around high tech that is not properly protected and old systems that have not had login security hardened with multi-factor authentication (MFA),” says Regan. “Many systems still do not offer MFA and considering that nearly half of compromises start with leaked credentials, this is an important area to address. Another key vulnerability is the lack of egress control, which gives attackers time and resources to exfiltrate data once they've managed to infiltrate a network.”
There is an unnoticed yet crucial area of cybersecurity: the Internet of Things (IoT) and its related devices. Cyberattacks could not only be focused on stealing precious data but also seizing or disrupting control of wirelessly interconnected devices.
“Healthcare has over the past two decades undergone a very dramatic digital transfer,” says Richard Staynings, chief security strategist at Cylera. “This is in relation to interoperability being at the center of that transformation. Instead of one charting system, one pharmacy system and one patient record system, we now have a proliferation of different systems that all talk to one another. That means data is going across the network between discrete applications and systems, making it ever more difficult to understand where pools of data reside and what data should be allowed in and out of the system versus what data should.”
As an example, Staynings says that a party from Russia or China could access an organization’s medical equipment or even their device master record (DMR). He further adds that to avoid this scenario, networks and systems need to be locked down with a form of MFA for anyone who has remote access. This way it is tied to an individual user that can be identified.
With both data and devices being able to be compromised, cybersecurity defenses become paramount. One measure that both Regan and Staynings mentioned is MFA, which requires any individual to authenticate/verify who they are before they can access a device or service.
Another method is the zero-trust approach, which is a practice where anyone who wants to access an organization’s resources is automatically deemed untrustworthy. This then requires the individuals to pass a series of checks, like MFA, before they can access anything.
Healthcare facilities face a great number of threats in the digital world, and these threats can even affect their real-world circumstances. Proper and effective cyber defenses are the key to guarding against these growing dangers.
Jeff Wardon, Jr. is the assistant editor for the facilities market.