Healthcare industry providers will tell you they face enough challenges without the devastating impact of security breaches and attacks. The last two years have been particularly strenuous, as the global pandemic has put virtually every aspect of operations under incredible strain. At the same time, the sector has come under an unprecedented number of attacks from cybercriminals.
Such attacks pose serious risks that transcend the bottom line. In September 2020, Germany recorded the first-ever instance of a patient death linked directly to a cyberattack, after a 78-year-old woman passed away from an aneurysm at a hospital suffering the effects of a ransomware breach.
Typically, cybercriminals have come to rely on ransomware to seize crucial private data from healthcare providers and patients, with the intent to extort or blackmail those victims for financial gain. In the case of the 78-year-old patient who died in Germany, the hospital was unable to cater to her needs as all of their operating systems had malfunctioned and were being held to ransom by cybercriminals eager to exploit the desperation of healthcare providers.
According to figures aggregated from the United States Health and Human Services Office’s Breach of Unsecured Protected Health Information report, in January 2022 alone, 2.3 million patients were affected by data breaches, whether from ransomware attacks on hospitals, clinics and doctors, or from targeted, highly specific attacks on individual patients.
Legacy issues
One major challenge is that an over-reliance on legacy technology permeates the industry as a whole. IT and operating systems are siloed, huge swathes of data are stored on vulnerable on-prem servers, and there is little consolidation of HVAC, patient monitoring systems, intensive care equipment, and even newer IoT technology.
The resulting blind spots, and the gaps arising out of them, make it easy for cybercriminals to breach security protocols, which can cost healthcare providers huge amounts of money when compared with the implementation of tighter security. According to the HIPAA governing body, the average cost of a healthcare data breach is higher than in any other industry, standing at $9.23m, almost double that of the finance sector, which sits a distant second.
Indeed, the ‘Third-Party Breach’ report recently found that not only was the healthcare industry the most targeted victim of cyberattacks in 2021, at a staggering 33%, but that the average cost of a cyberattack had increased dramatically, up by 29.5% from 2020, when the average was $7.13m.
Minimise risk
There are things that healthcare providers and stakeholders can do to minimise the risk of cyberattack, provided that they are open to modernising their security protocols and moving away from harmful embedded practices. These have been outlined in a paper by ManageEngine, “Healthcare Cybersecurity: 10 Ways To Thwart Healthcare IT Cyberattacks and Data Breaches”.
First is to enable a zero trust network defence model, based on the premise that, until proven trustworthy, all network access devices are deemed hostile by default. It can be applied to VPN and proxy services, as well as other services that rely on trust between the client and server, and adds a significant next level of safety to the traditional network approach that considers a device trustworthy once it passes (typically) one security layer.
This leads to perhaps the most important form of protection: multi-factor authentication. Though this has become the standard within other industries, healthcare is still lagging behind in adoption. The idea is that users have to authenticate themselves in two or more ways to access their organisation’s information. Additional factors typically include timed one-off passwords, biometric scans, codes sent from authenticator apps, and facial recognition.
Another easy way to minimise the risk of cyberattack is to become more stringent about granting access. At all levels of healthcare, staff need quick and easy access to necessary data in order to provide quality care and carry out their roles effectively. By restricting access to what is strictly necessary, patient data is protected more closely and unnecessary admin time is cut down for staff.
End to endpoint
Of course, in terms of long-term efficacy, ensuring endpoint management and protection is key to any bolstering of security. Endpoints can be office computers, mobile phones, tablets, routers, and other devices, and can access a network from both on-premises and remote locations. Broadly speaking, endpoint protection is multifaceted and includes vulnerability management, browser security, and application control.
A good example of an effective endpoint protection solution is ManageEngine Desktop Central, which aims to protect user endpoints in multiple different ways, thereby maximising security. Solutions like this work by securing end-user browsers as well as controlling external devices and applications. Desktop Central also has the capability to centrally manage and monitor devices across multiple platforms, whether or not they are spread across a distributed network.
Modernisation is not just a question of updating IT and operating systems and hoping for the best. It is a constant battle of validation and evolution, testing network security against continually updating tech, qualifying and checking device upgrades, encrypting data, and performing regular software updates and patches. In a word, it’s about vigilance: staying one step ahead of the cybercriminals, who are always on the lookout for weakness.