Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Friday, 3 February, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

How Healthcare Organizations Can Protect Themselves Against IoT Ransomware

by Sucindran Ramachandran
February 15, 2021
in Insight
How Healthcare Organizations Can Protect Themselves Against IoT Ransomware
Share on FacebookShare on Twitter

Healthcare delivery organizations are increasingly deploying medical devices, IoT, and other medical platforms to improve connectivity and support patient care. Weak cybersecurity evaluations, inappropriate network segmentation, and legacy devices expand the healthcare threat landscape. Exercising a sound cybersecurity strategy has to consider the nature of the healthcare profession where human life is a top priority.

The rise of mobile healthcare

The coronavirus pandemic introduced many stressful conditions for healthcare providers – treating an ever-increasing number of COVID-19 cases, while providing high quality and accurate services to remote patients. The provision of high-quality healthcare services was always impaired when patient and doctor were distant. Even in today’s hyper-connected world, isolated communities are lacking access to competent healthcare. The proliferation of connected healthcare devices is promising to put an end to this inequality.

Collecting real-time patient data is transforming the way doctors monitor and provide their medical services. Mobile Health (mHealth) and the proliferation of smartphones, apps, and IoT technology have had disruptive impacts on healthcare provision.

Connected healthcare brings enormous benefits for both the doctors and the patients. Connecting doctors to their patients remotely and accelerating the diagnosis of a patient in distress can be life-saving.

Healthcare ransomware is increasing

Despite their enormous benefits, mobile healthcare introduces novel challenges. The sector has always been a lucrative target for malicious actors, but the pandemic emergency has been a great vehicle for adversaries to launch an increasing number of ransomware attacks against hospitals. By September 2020, bad actors compromised over 9.5 million patient records in a series of 88 breaches in Q3 alone. In the last few months, we’ve seen rising hospital ransomware attacks.

In September, a chain of hospitals operating under the Universal Health Services (UHS) were hit with Ryuk ransomware. According to their official statement, they successfully continued to provide patient care despite not being able to access their IT applications, thanks to well-established incident recovery procedures. However, this is not always the outcome.

In Germany, Uniklinikum hospital was a victim of ransomware and stopped admitting new patients due to its systems behaving abnormally, resulting in a woman in need of serious medical attention being transferred to another hospital 20 miles away. The delay in her receiving treatment led to her death. . This is the first recorded case of death attributed to  a cyber-attack. Cyber-attacks can have real life and death implications.

Due to the increased imminent cybercrime threat to U.S. hospitals and healthcare providers, the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the US Department of Health and Human Services (HSS) released a joint alert on ransomware activity. The malware families named are TrickBot, BazarLoader, Ryuk, and Conti, often leading to ransomware attacks, data theft, and the disruption of healthcare services.

What is the problem?

Several factors leave the healthcare industry open to increased cyber threats.

The explosion of the Internet of Medical Things (IoMT)

There are 10 million to 15 million medical devices in U.S. hospitals today with an average of 10 to 15 connected medical devices per patient bed. The integration of connected medical devices across healthcare poses significant cybersecurity risks. Due to their heterogeneous nature, these devices run on different operating systems and require specific security settings to protect them from cyber threats.

Legacy systems

Hospitals have specialized medical equipment that have constrained resources and cannot run properly with up-to-date operating systems. These systems operate on an outdated OS and even on software that has reached its end-of-life, without being able to be patched against known vulnerabilities.

Lack of adequate incident recovery plans

It usually takes many people-hours to restore all the affected systems and return to a fully operational state. The time to recover will be lower if the affected hospital has a well-tested incident recovery plan. Having a recovery plan and adequate backups that are easy to deploy can streamline business continuity processes. Another important task is to figure out how the incident evolved, locate any gaps in policies and practices and make sure it won’t happen again. During this investigation, it is also recommended to look for any backdoors that the attacker might have left behind.

Health emergencies are a higher priority

Medical emergencies, COVID-19, and other natural disasters take precedence and push aside security teams from implementing policies and practices that may disrupt surgeries or the operation of ICUs. Saving human lives are always a top priority. However, as the incident in Germany demonstrated, cybersecurity has real life and death implications and must be treated accordingly.

Risk assessment can strengthen hospitals’ security posture

CISA, FBI, and HHS have developed a thorough list of security practices to address current threats posed by malicious cyber actors.

Hospitals and other healthcare organizations should review and align their security plans to these recommendations and they can commence by evaluating their cybersecurity posture to identify gaps that need to be addressed sooner than later.

To eliminate the impact of cybersecurity breaches and incidents and minimize service interruptions, healthcare industry organizations must develop and maintain business continuity plans. Without planning, provision, and implementation of continuity principles, organizations may be unable to continue operations.

Assessing the risks that are impediments to continuity and capability will help identify critical gaps. Identifying and addressing these gaps can assist healthcare organizations to establish a viable continuity program that will help keep them functioning during cyberattacks or other emergencies.

 

 

Sucindran Ramachandran is VP at Ampcus Cyber. He has over 18 years extensive industry experience including leadership positions with a Big 4 consulting firm. As client partner and practice lead, built and managed the delivery of over 500 engagements in Cyber Security, Cloud, Governance Risk & Compliance, Access Management, PCI, Data Privacy, Third-Party Vendor Management, and IT Advisory services

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

Top 5 privacy-conscious social media platforms

Next Post

French and Ukrainian police arrested Egregor ransomware members

Recent News

london-skyline-canary-wharf

Ransomware attack halts London trading

February 3, 2023
Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

February 2, 2023
JD Sports admits data breach

JD Sports admits data breach

January 31, 2023
Acronis seals cyber protection partnership with Fulham FC

Acronis seals cyber protection partnership with Fulham FC

January 30, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information