April 26, 2019

Safeguarding Healthcare Organizations against Cyber-Attacks

Safeguarding Healthcare Organizations against Cyber-Attacks

Learn the most common IT security threats and prevention methods that healthcare organizations can take.  

With the evolution of cloud based medical devices and technologies, the healthcare industry is highly prone to cybersecurity risks. Hundreds of data breaches take place in healthcare organizations each year, exposing millions of healthcare records. As of February 2019, there have been 31 reported breaches to the Health and Human Services Office of Civil Rights, with over 2 million records exposed. The biggest breach this year has been with the University of Washington-Seattle Medicine School, with about 974,000 exposed records.

Below are the most common types of cyber threats healthcare organizations face and methods to remedy them.

Ransomware via Email Phishing

Ransomware is a common malware based cyber-threat that healthcare organizations face. Two years ago, Cybersecurity Ventures predicted that ransomware damages will increase to $11.5 billion globally by 2019. Ransomware via email phishing works by sending messages with malicious attachments, links, or requests for sensitive information. If users open links or provide information, ransomware can lock employees out of EHRs and either steal or encrypt data. Once hospital employees are denied data access, they may have to pay to regain access. Paying the fee doesn't always guarantee the ability to regain data access, and not being able to view patient records is damaging to the hospital.

Backing up data in real time is one practical way to preserve data without having to pay hackers to do get lost data back. If an attack occurs, the IT department should remove the infected systems immediately and power-off affected devices to prevent further attacks. It also helps to change passwords upon removing systems and after removing the malware.

Internet of Medical Things (IoMT)

Connected medical devices like pacemakers or insulin pumps help monitor health conditions, but cyber attacks on these devices may kill patients. That is why improved network segmentation and inspection helps to protect IoMT devices, and the FDA implemented guidelines for securing these devices.  There is risk of destruction of service (DeOS) attacks, which can destroy data back-ups needed to repair systems. Chief Information Officers are becoming more conscious of these risks and are making cyber threat intelligence and automation software a priority.

Improving IoT security is a team effort between IT executives and their employees as well as legal teams. Companies can implement standard TLS 1.2 with AES 256-bit encryption security to reduce likelihood of attacks on connected medical systems. Security Information and Event Management (SIEM) gathers data from all solutions deployed within networks and stores it in a central location, helping detect security threats in real time. Once threats are detected, using distributed network segmentation can help isolate the threat to one location to protect the rest of the network.

Artificial Intelligence

A study showed that 75% of healthcare organizations have understaffed IT departments, which is why some organizations are adopting Artificial Intelligence to automate certain tasks. Artificial Intelligence and machine learning automate tasks such as password resets and other repetitive tasks, which leaves time for professionals to focus on more important duties. In a healthcare setting, AI could help with automating data entry, which saves a lot of time for employees. However, cyber criminals are starting to use AI-driven malware to hack systems. Cyber criminals may use the central servers as a method to collect large amounts of data. The IT security team must understand how to identify threats and understand what makes a threat successful. AI technology is still developing, as well as its security remedies. Using more than one algorithm is one way to make it harder for hackers and malware to access AI based systems. Additionally, it's important to update systems regularly and to establish a risk program to learn about analytics so IT professionals can better anticipate, detect, and remedy threats.