No sector or organisation
is immune to rapidly escalating threats, but when it comes to healthcare, the
stakes couldn’t be higher.
By Phil Muncaster
Even prior to
Russia’s invasion of Ukraine, there was considerable fear that military
escalation would bleed (further) into cyberspace and be followed by a rash of
impactful digital assaults with international implications. Organizations
worldwide have, therefore, been urged to batten down the cybersecurity hatches
and prepare for and respond to highly disruptive cyberattacks, whether
intentional or accidental.
One sector
where the stakes couldn’t be higher is healthcare. Digital threats facing the
sector and, indeed, the critical infrastructure as a whole have been escalating
for years, and the Russian invasion of Ukraine has further increased the threat
level. In response, the US Department of Health and Human Services, for
example, has issued an alert
for the sector, singling out HermeticWiper, a new data wiper
discovered by ESET researchers, as an example of an acute risk.
Obviously,
hospitals and other healthcare providers in Europe should also be aware of the
risks, having been an increasingly popular target for bad actors in recent
years. EU cybersecurity agency ENISA
reported a few
months ago that attacks on the sector rose by almost 50% year-on-year in 2020.
There’s far
more than just money at stake: a 2019
study claimed
that even data breaches can increase the 30-day mortality rate for heart attack
victims. Indeed, while a now-infamous ransomware incident in Germany is not
thought to have directly caused the death of a patient, it was one of the
potent harbingers of the potential real-world impact of virtual attacks, when
life-saving systems are taken offline.
As European
healthcare organizations (HCOs) continue to digitalize in response to the
pressures of COVID-19, an increasingly remote workforce and an ageing
population, these risks will only grow. But by building
cyber-resilience through improved IT hygiene and other best
practices, and enhancing incident detection and response, there is a way
forward for the sector.
Why healthcare is exposed to cyberattacks
The
healthcare sector represents a major segment of critical national
infrastructure (CNI) across Europe. According to the most recent
estimates it
employs nearly
15 million people, or 7% of the working population. Healthcare is also unique
in the breadth of challenges it faces, making it arguably more exposed to
cyber-threats than other sectors. These
include:;
·
IT skills shortages, which are industry wide, but HCOs often can’t
compete with the higher salaries offered in other sectors.
·
COVID-19, which has put unprecedented pressure on staff,
including IT security teams.
·
Remote working, which can open HCOs up to risks presented by
distracted workers, unsecured endpoints and vulnerable/misconfigured remote
access infrastructure.
·
Old IT infrastructure
·
Vast amounts of personal data and a high burden to meet
regulatory demands.
·
Tool sprawl, which can overwhelm threat response teams
with alerts.
·
Cloud adoption, which may increase the attack
surface. Many HCOs
don’t have the in-house skills to securely manage and configure these
environments and/or misunderstand their shared
responsibility for security.
·
Complexity of IT systems adopted over a long period
of time.
·
Connected devices, which include many legacy
operational technology (OT) devices in hospitals, such as MRI scanners and
X-ray machines. With connectivity comes the risk of remote attacks, and many
such devices are too mission critical to take offline to patch, or else are
past their support deadline.
·
IoT devices, which are increasingly popular for things like
dispensing medication and monitoring patients’ vital signs. Many are left
unpatched and protected with only their factory default passwords, leaving them
exposed to attacks.
·
Professional cybercriminals who increasingly see HCOs
as an easy target, as they struggle with high patient numbers from COVID-19.
Patient data, which can include highly sensitive information and financial
details, is a lucrative commodity on the cybercrime underground. And ransomware
is more likely to force a payment as hospitals can’t afford to be offline for
long. Research hospitals may also store highly sensitive IP on forthcoming
treatments.
Full article:
https://www.welivesecurity.com/2022/03/09/securing-healthcare-it-health-check-state-sector/?utm_source=feedburner&utm_medium=email
