Eskenzi PR Eskenzi PR
  • About Us
Sunday, 7 March, 2021
IT Security Guru
Eskenzi PR
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

How Healthcare Organizations Can Protect Themselves Against IoT Ransomware

by Sucindran Ramachandran
February 15, 2021
in Insight
How Healthcare Organizations Can Protect Themselves Against IoT Ransomware
Share on FacebookShare on Twitter

Healthcare delivery organizations are increasingly deploying medical devices, IoT, and other medical platforms to improve connectivity and support patient care. Weak cybersecurity evaluations, inappropriate network segmentation, and legacy devices expand the healthcare threat landscape. Exercising a sound cybersecurity strategy has to consider the nature of the healthcare profession where human life is a top priority.

The rise of mobile healthcare

The coronavirus pandemic introduced many stressful conditions for healthcare providers – treating an ever-increasing number of COVID-19 cases, while providing high quality and accurate services to remote patients. The provision of high-quality healthcare services was always impaired when patient and doctor were distant. Even in today’s hyper-connected world, isolated communities are lacking access to competent healthcare. The proliferation of connected healthcare devices is promising to put an end to this inequality.

Collecting real-time patient data is transforming the way doctors monitor and provide their medical services. Mobile Health (mHealth) and the proliferation of smartphones, apps, and IoT technology have had disruptive impacts on healthcare provision.

Connected healthcare brings enormous benefits for both the doctors and the patients. Connecting doctors to their patients remotely and accelerating the diagnosis of a patient in distress can be life-saving.

Healthcare ransomware is increasing

Despite their enormous benefits, mobile healthcare introduces novel challenges. The sector has always been a lucrative target for malicious actors, but the pandemic emergency has been a great vehicle for adversaries to launch an increasing number of ransomware attacks against hospitals. By September 2020, bad actors compromised over 9.5 million patient records in a series of 88 breaches in Q3 alone. In the last few months, we’ve seen rising hospital ransomware attacks.

In September, a chain of hospitals operating under the Universal Health Services (UHS) were hit with Ryuk ransomware. According to their official statement, they successfully continued to provide patient care despite not being able to access their IT applications, thanks to well-established incident recovery procedures. However, this is not always the outcome.

In Germany, Uniklinikum hospital was a victim of ransomware and stopped admitting new patients due to its systems behaving abnormally, resulting in a woman in need of serious medical attention being transferred to another hospital 20 miles away. The delay in her receiving treatment led to her death. . This is the first recorded case of death attributed to  a cyber-attack. Cyber-attacks can have real life and death implications.

Due to the increased imminent cybercrime threat to U.S. hospitals and healthcare providers, the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the US Department of Health and Human Services (HSS) released a joint alert on ransomware activity. The malware families named are TrickBot, BazarLoader, Ryuk, and Conti, often leading to ransomware attacks, data theft, and the disruption of healthcare services.

What is the problem?

Several factors leave the healthcare industry open to increased cyber threats.

The explosion of the Internet of Medical Things (IoMT)

There are 10 million to 15 million medical devices in U.S. hospitals today with an average of 10 to 15 connected medical devices per patient bed. The integration of connected medical devices across healthcare poses significant cybersecurity risks. Due to their heterogeneous nature, these devices run on different operating systems and require specific security settings to protect them from cyber threats.

Legacy systems

Hospitals have specialized medical equipment that have constrained resources and cannot run properly with up-to-date operating systems. These systems operate on an outdated OS and even on software that has reached its end-of-life, without being able to be patched against known vulnerabilities.

Lack of adequate incident recovery plans

It usually takes many people-hours to restore all the affected systems and return to a fully operational state. The time to recover will be lower if the affected hospital has a well-tested incident recovery plan. Having a recovery plan and adequate backups that are easy to deploy can streamline business continuity processes. Another important task is to figure out how the incident evolved, locate any gaps in policies and practices and make sure it won’t happen again. During this investigation, it is also recommended to look for any backdoors that the attacker might have left behind.

Health emergencies are a higher priority

Medical emergencies, COVID-19, and other natural disasters take precedence and push aside security teams from implementing policies and practices that may disrupt surgeries or the operation of ICUs. Saving human lives are always a top priority. However, as the incident in Germany demonstrated, cybersecurity has real life and death implications and must be treated accordingly.

Risk assessment can strengthen hospitals’ security posture

CISA, FBI, and HHS have developed a thorough list of security practices to address current threats posed by malicious cyber actors.

Hospitals and other healthcare organizations should review and align their security plans to these recommendations and they can commence by evaluating their cybersecurity posture to identify gaps that need to be addressed sooner than later.

To eliminate the impact of cybersecurity breaches and incidents and minimize service interruptions, healthcare industry organizations must develop and maintain business continuity plans. Without planning, provision, and implementation of continuity principles, organizations may be unable to continue operations.

Assessing the risks that are impediments to continuity and capability will help identify critical gaps. Identifying and addressing these gaps can assist healthcare organizations to establish a viable continuity program that will help keep them functioning during cyberattacks or other emergencies.

 

 

Sucindran Ramachandran is VP at Ampcus Cyber. He has over 18 years extensive industry experience including leadership positions with a Big 4 consulting firm. As client partner and practice lead, built and managed the delivery of over 500 engagements in Cyber Security, Cloud, Governance Risk & Compliance, Access Management, PCI, Data Privacy, Third-Party Vendor Management, and IT Advisory services

5 1 vote
Article Rating
FacebookTweetLinkedIn
ShareTweetShare
Previous Post

Top 5 privacy-conscious social media platforms

Next Post

French and Ukrainian police arrested Egregor ransomware members

Subscribe
Notify of
guest
guest
0 Comments
Inline Feedbacks
View all comments

Recent News

Malaysia Airlines

Malaysia and Singapore Airlines Breached in Third Party Hacks

March 5, 2021
Fraud attempts skyrocketed in 2020 according to latest Financial Crime Report from Feedzai

Fraud attempts skyrocketed in 2020 according to latest Financial Crime Report from Feedzai

March 4, 2021

Top 10 awards to enter for cybersecurity 

March 3, 2021
Medal

Identity theft: US Congressional Medal of Honor

March 3, 2021

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

More information
wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply
Privacy Settings / PENDINGGDPR Compliance

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Accept