Matt Walmsley, Director
EMEA at Vectra
industry unlocked
44
H
The abundance of data in the possession of
healthcare organisations makes them a ripe
target for cybercriminals. Matt Walmsley,
Director EMEA at Vectra, tells us why the
industry is so targeted and why visibility is
crucial for staying one step ahead of attackers.
Healthcare data has long been one of the
favourite targets for cyberattackers. A set of
medical records can provide a wealth of data
for criminals to conduct fraud or launch more
effective targeted attacks. Ironically there have
been so many healthcare breaches that the
value of an individual data set has dropped
significantly in recent years, but medical data
is still a basic commodity in the underground
cybercriminal economy.
Low hanging fruit
The healthcare industry has an unfortunately
well-founded reputation as a softer target.
A combination of factors including legacy
equipment, stretched resources and funding
constraints mean the industry often falls behind
when it comes to keeping systems up-to-date
and secure.
Organisations on the frontend of healthcare also
face unique security challenges due to the fact
their main priority is treating patients and saving
lives. This makes it far more difficult to manage
the downtime required to keep systems updated
and secured – even a few hours of downtime can
impact lives – so it’s common to find systems
running outdated software and lagging behind on
patches that would address common exploits.
The connectivity dichotomy
Ironically, healthcare providers are also under
pressure to invest in the latest smart medical
technologies. These connected devices can
help to deliver a more efficient and responsible
environment that helps provide a
higher level of clinical care while also
reducing costs.
However, connected devices also
present an easy target for cyberattacks.
Clinical imperatives often trump technical
security consideration. It’s common to
find that smart medical devices have
been deployed without any IT or security
planning and their network behaviours,
update capabilities and vulnerabilities
are often not well understood. These
concerns are common in every industry
where Internet of Things (IoT) devices
are used, but the issue is especially
pressing in the medical field, where
patients’ lives may be directly at stake.
A recent report found that a widely
used series of connected anaesthetic
machines could be vulnerable to
attack, enabling a threat actor to inject
overdoses or disable warning alarms
among other potentially fatal activity.
Any new device added to the network
– whether it’s a smart MRI machine or
a Wi-Fi enabled infusion pump – also
increases the potential attack surface.
This is exacerbated by the large number
of visiting devices that are connected
to the typical hospital’s networks.
Patients and their visitors, visiting
physicians and specialists working at
multiple sites, medical students and
many other third parties will constantly
be connecting to the network. Every
Issue 21
|
www.intelligentciso.com