Nov 9, 2021

Unique Challenges to Cyber-Security in Healthcare and How to Address Them


No business is safe from cyberattacks today. Certain industries, however, are especially at risk and a favorite of attackers. For years, the healthcare industry has taken the brunt of ransomware attacks, data breaches, and other cyberattacks.
Why is the healthcare industry particularly at risk for a cyberattack? What are the unique challenges to cybersecurity in healthcare, and how can healthcare organizations address these?
Attackers target every industry, but they seem to have a particular affinity for healthcare organizations. In the IBM Cost of a Data Breach Report 2021, healthcare had the highest average breach cost of any industry for the eleventh consecutive year, and that average rose from $7.13 million in 2020 to $9.23 million in 2021, a 29.5% increase.
The tremendous cost healthcare organizations sustain from breaches is not only a matter of how many incidents occur. It is also a matter of the type and sensitivity of the data they hold. Generally, the more sensitive and confidential the information, the more it is worth on the dark web, and healthcare records have been observed to sell for more than stolen credit card data.
Healthcare organizations have been a particular target of ransomware, which has prompted repeated warnings from the FBI and other agencies aimed at helping hospitals and other healthcare organizations defend themselves.
Ransomware poses an extremely dangerous risk for healthcare organizations. Because of the sensitivity of the data they maintain, ransomware produces a perfect storm of worst-case outcomes for hospitals and other healthcare-related businesses. Modern ransomware does not merely encrypt the victim's data; it often exfiltrates the data first and threatens to publish it on the dark web, the worst possible outcome for sensitive patient records.
So, what other factors lead to the high risk of attack on healthcare institutions? Let’s consider the following:
The risks of IoT devices are often discussed. These are essentially simple networked devices that perform a specific function. In a hospital, many networked medical devices transmit health statistics, charting, records, and other data types. The sheer number of such devices in a hospital setting dramatically increases the attack surface.
Medical devices may not receive the latest security updates for their underlying operating systems, firmware, and drivers. In addition, medical devices are often left logged in and unattended. These factors and others increase the cybersecurity risk for healthcare organizations.
Organizations must ensure they have a proper inventory of any connected medical devices and adequate monitoring and patching schedules as needed to remediate security vulnerabilities.
The networks of large hospitals are often connected to smaller and less secure physician's offices. Interconnected networks let information flow quickly and easily, but they also give attackers an easier route to the target they are generally after: the hospital network and the data it holds.
Doctor's offices may run legacy network and end-user devices with old, outdated security protocols. Endpoints may be unpatched and routinely logged into with administrator credentials. Visiting a single malicious website can let malware, ransomware, or another compromise take hold on the smaller network and then pivot to the connected hospital network over open ports and other permitted communication paths.
Implementing zero-trust network connectivity between all connected networks and ensuring least privilege access to resources across the board will help bolster the security of sensitive patient records.
Medical professionals are among the most extensively trained people in any field, but cybersecurity is rarely part of that training. As a result, many medical professionals, like other business professionals, are not adequately prepared to recognize phishing emails, malicious websites, or malicious software. On top of the risks posed by medical devices and interconnected medical networks, this further raises the threat to healthcare organizations.
Healthcare organizations must mandate regular and systematic cybersecurity training for all healthcare employees to ensure the end-users are trained in scrutinizing all network communications, emails, and other tactics attackers use for social engineering and phishing attacks.
The IBM Cost of a Data Breach Report 2021 also reports several alarming statistics about compromised credentials, which it identifies as the most common initial attack vector.
Healthcare organizations can readily fall victim to attacks that start with compromised credentials, because such attacks are hard to detect and let an attacker masquerade as a legitimate user. Even a complex password is known to attackers if it appears on a breached password list, and attackers use those lists in password spraying and other credential attacks to gain quick entry.
Organizations must implement strong password policies to prevent weak passwords and use breached password protection to protect against breached passwords in the environment.
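The passage above notes that credential attacks are hard to detect. The following is an added example, not code from the original article or from Specops, showing the basic detection logic for a password spray: one source address failing logons against many distinct accounts with only one or two attempts each, as opposed to a brute force that hammers a single account. The log lines are constructed for the example and only loosely follow the fields of a Windows Security event 4625; the thresholds are assumptions to be tuned per environment.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed failed-logon records (timestamp, event id, TargetUserName,
# IpAddress), loosely shaped like Windows Security event 4625. Not real data.
SAMPLE_LOG = """\
2021-11-09T08:00:01 4625 TargetUserName=j.smith IpAddress=203.0.113.7
2021-11-09T08:00:18 4625 TargetUserName=a.jones IpAddress=203.0.113.7
2021-11-09T08:00:35 4625 TargetUserName=m.patel IpAddress=203.0.113.7
2021-11-09T08:00:52 4625 TargetUserName=r.lee IpAddress=203.0.113.7
2021-11-09T08:01:09 4625 TargetUserName=s.kim IpAddress=203.0.113.7
2021-11-09T08:01:26 4625 TargetUserName=d.garcia IpAddress=203.0.113.7
2021-11-09T08:05:00 4625 TargetUserName=admin IpAddress=198.51.100.20
2021-11-09T08:05:05 4625 TargetUserName=admin IpAddress=198.51.100.20
2021-11-09T08:05:10 4625 TargetUserName=admin IpAddress=198.51.100.20
2021-11-09T08:05:15 4625 TargetUserName=admin IpAddress=198.51.100.20
2021-11-09T08:05:20 4625 TargetUserName=admin IpAddress=198.51.100.20
2021-11-09T08:05:25 4625 TargetUserName=admin IpAddress=198.51.100.20
2021-11-09T08:05:30 4625 TargetUserName=admin IpAddress=198.51.100.20
2021-11-09T08:05:35 4625 TargetUserName=admin IpAddress=198.51.100.20
2021-11-09T09:12:40 4625 TargetUserName=r.lee IpAddress=192.0.2.5
2021-11-09T09:12:55 4625 TargetUserName=r.lee IpAddress=192.0.2.5
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) 4625 TargetUserName=(?P<user>\S+) IpAddress=(?P<ip>\S+)$"
)


def parse_events(text):
    """Turn the log text into (timestamp, account, source_ip) tuples.
    Lines that are not failed-logon records are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        events.append((datetime.fromisoformat(m["ts"]), m["user"], m["ip"]))
    return events


def detect_password_spray(events, window=timedelta(minutes=10),
                          min_accounts=5, max_per_account=2):
    """Return {source_ip: set_of_accounts} for every source whose failures,
    inside some sliding `window`, touch at least `min_accounts` distinct
    accounts with no more than `max_per_account` failures per account.
    The per-account cap is what separates a low-and-slow spray from a
    single-account brute force, which this rule deliberately does not flag."""
    by_ip = defaultdict(list)
    for ts, user, ip in events:
        by_ip[ip].append((ts, user))

    findings = {}
    for ip, evs in by_ip.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            # Advance the window start until the window fits.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            counts = Counter(user for _, user in evs[start:end + 1])
            if len(counts) >= min_accounts and max(counts.values()) <= max_per_account:
                findings[ip] = set(counts)
    return findings


if __name__ == "__main__":
    for ip, accounts in detect_password_spray(parse_events(SAMPLE_LOG)).items():
        print(f"possible password spray from {ip}: "
              f"{len(accounts)} accounts -> {sorted(accounts)}")
```

Run against the sample, only 203.0.113.7 is reported: it hits six accounts once each in under two minutes, while 198.51.100.20 (eight failures on one account) and 192.0.2.5 (two typos by one user) fall outside the rule. In a real deployment the same logic would run over domain controller events, and the spray source is usually a better pivot than any single failing account.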
Healthcare cybersecurity is also weakened due to the lack of investment in proper cybersecurity solutions and technologies to protect sensitive healthcare environments. A study noted that, on average, healthcare organizations spend only around 5% of their IT budget on cybersecurity while the rest is devoted to the adoption of new technologies.
As a result, it leads to a less than desirable outcome of expanding attack surfaces and lacking the tools needed to secure the environment from cyberattacks properly.
A heavy burden of responsibility falls to the CIO and other business stakeholders to evangelize the need to prioritize cybersecurity spending. Risk assessments need to carefully consider the impact of a ransomware attack on sensitive patient data and the repercussions to the organization if data is leaked.
As stated earlier, password security is a tremendous concern. Attackers often use compromised credentials to gain easy access to business networks, including those of healthcare institutions. As a result, poor password policies and a lack of breached password protection can lead to tremendous vulnerabilities across the board for accounts.
The built-in Active Directory password policy settings in Group Policy (length, complexity, history, and age) give healthcare organizations no way to implement the practices now recommended as industry standard, such as those in NIST SP 800-63B: screening new passwords against breached-password lists, custom dictionary filtering, and blocking incremental passwords that only change a trailing number or year. Adding those checks requires a password filter that runs at change time.
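To make concrete what a password filter with breached password protection does at change time (the control called for both in the compromised-credentials section above and here), the following is an added example written for this article; it is not Specops code and does not describe how Specops Password Policy works internally. The breached list is a constructed stand-in for a real corpus, and the lookup uses a k-anonymity range scheme (hash the candidate, send only the first five hex characters of the SHA-1, compare the remaining suffix locally) so the password itself never leaves the host. The minimum length and the incremental-password rule are assumed policy choices.

```python
import hashlib
import re

# Constructed stand-in for a breached-password corpus. In production this would
# be a continuously updated list or service; these entries are an assumption.
BREACHED_PLAINTEXTS = [
    "password", "Password123", "Welcome1", "letmein", "Winter2021!", "Hospital2021",
]


def sha1_hex(password):
    """Upper-case hex SHA-1, the digest breached-password range lookups key on."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def build_range_index(plaintexts):
    """Index hashes by their first five hex characters. This mirrors the
    k-anonymity 'range' layout: a client asks for one 5-character prefix and
    receives every 35-character suffix under it, then matches locally."""
    index = {}
    for p in plaintexts:
        h = sha1_hex(p)
        index.setdefault(h[:5], set()).add(h[5:])
    return index


BREACHED_INDEX = build_range_index(BREACHED_PLAINTEXTS)


def range_query(prefix, index=BREACHED_INDEX):
    """Stand-in for the network call: all suffixes stored under `prefix`."""
    return index.get(prefix, set())


def is_breached(password, index=BREACHED_INDEX):
    """True if the password's hash appears in the breached corpus.
    Only the 5-character prefix is ever 'sent'; the suffix match is local."""
    h = sha1_hex(password)
    return h[5:] in range_query(h[:5], index)


_TRAILING = re.compile(r"[\d\W_]+$")


def _stem(password):
    # Drop trailing digits and symbols so "Winter2021!" and "Winter2022!"
    # reduce to the same stem, "winter".
    return _TRAILING.sub("", password).lower()


def is_incremental(candidate, previous):
    """True when the new password is the old one with only its trailing
    digits/symbols changed, or when it simply contains the old password."""
    stem = _stem(previous)
    if stem and _stem(candidate) == stem:
        return True
    return previous.lower() in candidate.lower()


def evaluate_password(candidate, username="", previous=None,
                      index=BREACHED_INDEX, min_length=12):
    """Return the list of policy violations for `candidate`; an empty list
    means the password is acceptable under this assumed policy."""
    problems = []
    if len(candidate) < min_length:
        problems.append("too_short")
    if username and username.lower() in candidate.lower():
        problems.append("contains_username")
    if is_breached(candidate, index):
        problems.append("breached")
    if previous and is_incremental(candidate, previous):
        problems.append("incremental")
    return problems


if __name__ == "__main__":
    for cand, user, prev in [
        ("password", "", None),
        ("Hospital2021", "hospital", None),
        ("Radiology2022!", "", "Radiology2021!"),
        ("correct horse battery staple", "j.smith", None),
    ]:
        print(f"{cand!r}: {evaluate_password(cand, user, prev) or 'accepted'}")
```

The important design point is in `is_breached`: screening against a breached list must not turn into sending users' cleartext passwords, or their full hashes, to a third party, which is why the prefix-only range lookup is the usual shape. The incremental check catches the "same password, new year" habit that password history and complexity rules in Group Policy do nothing to prevent.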
Specops Password Policy is a robust password policy solution that adds key features to existing Active Directory password policies, including industry-leading breached password protection. With Specops Password Policy, healthcare organizations can provide continuous breached password protection for user accounts with a push-button approach.
Specops Complete API Breached Password Protection
Beyond its breached password protection, Specops Password Policy adds further policy controls that the built-in Active Directory settings lack.
Test it out for yourself with a free trial of Specops Password Policy.


Article Categories:
Cybersecurity News
