Healthcare organisations, like hospitals and medical research institutions, have been hit hard by the COVID pandemic and cyber criminals have, unfortunately, taken advantage of the situation. Cynerio CEO, Leon Lerman reports that attacks have risen by 300% since the pandemic started.
If a lesson can be taken from the first wave of COVID, it’s that the healthcare industry can take preventative measures to fortify clinical networks, preserve medical services, and ensure patient safety today and in the future.
Understanding healthcare’s cyber vulnerabilities
Now, everyone’s talking about Wave 2. In order to secure our hospitals, we have to look at why they’re so targeted and difficult to secure in the first place:
- Personal health information (PHI) is extremely valuable on the black market, with a price tag in the thousands of dollars. By comparison, credit card and social security numbers can be worth as little as 10 cents.
- Connected medical devices, or Internet of Medical Things (IoMT) devices, are notoriously vulnerable to cyber threats. Many weren’t designed to connect to networks and don’t have any built-in cybersecurity protocols. More than 70% of IoMT devices run unsupported Windows operating systems (e.g. Windows 7) that are no longer supported and can’t be patched.
- Standard security tools don’t work for healthcare IoT. IoMT devices have unique communications patterns (think heart monitors communicating with nurse stations or MRI machines communicating with their vendor for routine maintenance). Without medical context, standard firewall and NAC policies could disrupt the normal function of critical devices and jeopardise patient safety.
- Clinical network topologies are in a constant state of flux. There are around 10 billion IoMT devices connected to the global clinical ecosystem today, with over 50 more connected each second, and 50 billion projected by 2028. The majority are connected without security checks, and thousands are moved between wards and off-campus sites completely unchecked. Keeping track of them all without an automated IoMT asset management solution is pretty much impossible.
- The variety of cyber attacks on healthcare has expanded. In the past, healthcare was typically targeted by sophisticated, state-sponsored attacks. Today, due to the vulnerability of the healthcare industry, amateur hackers carrying out simple, generic attacks on non-medical devices that happen to be connected to clinical networks (e.g. security cameras, PCs, game consoles) can cause serious harm. Hospitals need to be prepared for a variety of spontaneous attacks every single day.
COVID’s impact on healthcare network security
The pandemic has made the industry’s cybersecurity challenges more complicated:
- Hospitals are understaffed, from medical staff to IT and cybersecurity professionals.
- Adoption of remote work and telehealth has spiked and is probably here to stay, expanding the attack surface of clinical networks and providing uncountable entry points for hackers.
- Equipment shortages alongside a surge of patients in crisis mean devices are hooked up to the network without any cybersecurity checks.
- Emergency quarantine units and field hospitals require cross-ward/cross-site equipment relocation, further expanding the attack surface and complicating complex clinical topologies.
Despite these hurdles, overcoming them is easier than it may seem.
Bracing for wave 2 with preventative measures
Healthcare organisations can solve the majority of their IoT cyber security challenges by taking preventative measures:
- Launch a cyber awareness campaign – For healthcare organisations, patients, and employees to stay safe, everyone from IT to medical professionals needs to be aware of cyber threats and cyber hygiene best practices.
- Adopt a zero trust security policy – By adopting a zero-trust policy, healthcare organisations can limit access to sensitive information like ePHI (electronic personal health information) and reduce the attack surface. Zero-trust policies also help limit the reach of external attacks by stopping the propagation of the infection into sensitive devices on the network.
- Segment the network – Reduce the attack surface of the clinical network by limiting communications between devices to only those that are necessary to maintain medical services.
- Employ a Healthcare IoT security program – Automated security solutions can simplify and expedite healthcare IoT cyber security projects. They integrate easily with IT tools healthcare IT teams might already have in place and enrich them with the medical context hospitals need to avoid device downtime and ensure continuous clinical services.
The need for a Healthcare IoT security program is paramount in healthcare, and top research firms like Forrester and Gartner have recognised the emerging industry with reports dedicated to providing hospitals with detailed information on leading vendors.
Hospitals have a plethora of tools they can use right now to secure clinical environments exponentially faster than they would be able to manually. These tools simplify complex processes like relocation, vulnerability management, and asset management with automated inventory and network segmentation capabilities.
Today’s world may be plagued by things we can’t control, like hackers stealing sensitive health information and a swelling wave of COVID infections. In spite of all that, we do have control over the steps we take to mitigate these threats. The tools and power to control healthcare’s security posture and readiness for the second wave of COVID rests in hospitals’ hands.
The author is Leon Lerman, CEO at Cynerio.
About the author
Leon Lerman is CEO at Cynerio. Leon brings over a decade of experience in cybersecurity enterprise sales, channel sales and business development to establish Cynerio as a vendor in the healthcare cybersecurity space. Prior to Cynerio, Leon was director of sales at Metapacket, where he led go-to-market strategy and execution.
Prior to that, Leon held sales and sales engineering positions at RSA security, helping the largest enterprises in the region to solve their security problems. Leon served as an expert intelligence officer at 8200 in the Israel Defense Forces. Leon holds a Bachelor of Science in industrial engineering and management from the open university of Israel where he graduated with distinction.