Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Technology

A matter of life or death: security challenges for the healthcare industry

creative hi tech abstract design decorated glossy brown background SBI 300920791 - Global Banking | Finance

By Robert Golladay, EMEA and APAC director at Illusive

According to the 2020 IBM Cost of a Data Breach Report, the monetary cost of recovering from a cyberattack is significantly higher for healthcare organisations than for companies operating in any other sector. The price tag increased by 10% between 2019 and 2020 and currently sits at around $7.13 million.

But more concerning than monetary losses is the human cost that a successful cyberattack targeting healthcare providers can have. In the November of 2020, German officials attempted to prove that the death of a patient was the direct result of a ransomware attack that shut down a hospital’s infrastructure and forced medics to turn the ambulance away, thus delaying life-saving treatment.

Since the Wannacry ransomware attack against the UK’s National Health Service in 2018, the specter of cyberattacks has loomed large on healthcare institutions. Whether it’s a data breach that exposes patients’ information or a more dangerous ransomware attack that encrypts data and renders systems unusable, healthcare providers have no margin of error when it comes to defending against cyber threats.

But as breaches continue to occur, we are forced to look at the inherent flaws of most healthcare institutions’ approaches to threat defence. In this article, we will explore the most common threats facing hospitals and healthcare providers, as well as the paradigm shift that is necessary to equip these organisations against cybercriminals.

Looking for a quick buck: ransomware

Ransomware attacks are rampant across all sectors, but a recent report by Checkpoint Security revealed that this type of attack is of particular concern for healthcare institutions. In January 2021, ransomware attacks against healthcare orgs had jumped about 45% since early November the previous year. The spike followed an alarming 71% increase in the October of 2020. According to the same report, at the beginning of this year healthcare providers were facing an average of 90 attempted attacks every single day.

The reason behind cybercriminal’s determination to breach the security of hospitals and healthcare providers is simple: leverage. There is nothing that will motivate a victim to pay up more than endangering the health and safety of individuals. Furthermore, the value of medical information is even higher than other types of personal identifiable information. Double-extortion ransomware, whereby threat actors steal data before encrypting their target’s systems, has become the norm among cybercriminal gangs. This allows them to monetise on their efforts twice, first by asking for a payment to decrypt the data and then by threatening to publicly release the stolen information.

Nation-state sponsored espionage and disruption

The Covid-19 pandemic launched nations into something like a new “space race”, with foreign powers competing to triumph over therapy, prevention, and vaccine development. Already valuable clinical trial and research data became even more appealing to state-sponsored threat groups, so much so that in early October 2020, Philadelphia-based medical software company eResearch Technology was hit with a ransomware attack believed to have been orchestrated by a nation-state actor. In that instance, attackers were able to shut down a number of clinical trials eResearch Technology provided tools to.

IoT and operating systems

Medical devices, just like operational technology, run an operating system. When these machines are connected to the network, they can be targeted by an attacker motivated to disrupt normal functionality.

Thankfully, an attack on an MRI machine or an insulin pump hasn’t been recorded yet, but proof of concept demonstrations have been conducted by well known hackers, who have proven that this eventuality is not as far-fetched as it seems.

The matter is made worse by the fact that the OS running on these machines is often locked in, meaning that it can’t be patched, and agents-based endpoint security solutions, such as EDR, can’t be deployed on them.

How deception helps

Attackers might dispose of sophisticated tools and tactics, but the secret to beat threat actors is to think like them. Rather than repeating the somewhat depressing mantra about organisations having to be right all the time while bad actors only need to be right once, we need to shift security postures to make sure we make it too time-consuming and expensive for a hacker to launch an attack.

Improving detection capabilities is a key component of shifting this paradigm, and deception can be an invaluable tool to achieve it. Rather than limiting detection capabilities at the endpoint level, and rather than relying solely on signatures, deception allows organisations to stop lateral movement, even when other layers of defence have failed. By distributing deceptions that mimic genuine IT assets throughout the network, attackers are essentially trapped in a net of fake connections that will trigger an alert if an exploit is attempted. Instead of relying on traditional signatures, deception technology alerts are generated by real attacker movements within a network.

Alerts are generated in real time, meaning that the IT team will know about an attack as it starts unfolding and will be able to mitigate the incident before any critical system can be accessed.

As threats continue to mount for organisations in the healthcare sector, understanding the mindset of an attacker and implementing a strategy that can flag suspicious behaviour in real time, whether around or within the perimeter, is literally a matter of life or death.

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post