Is your organization safe?
Gone are the days when qualified healthcare professionals and
state-of-the art medical equipment were sufficient to save patients' lives.
With a constantly evolving cyber threat landscape, an efficient IT security
team is crucial for the seamless functioning of a healthcare organization.
Come explore some of the many attacks that might affect your hospital, and
the processes and tools that can help your IT team combat them.
The malicious insider:
A receptionist tries to exfiltrate personally identifiable information (PII) of patients.
Data could be stolen for monetary benefits or to perform identity fraud.
An insider attack is generally more difficult to spot as the attacker may already possess the credentials required to conduct malicious activities.
Electronic health records (EHR) earn attackers hundreds of dollars per record and are far more valuable
than financial data, which only fetches a few cents.
Becoming bait: Phishing attacks.
A doctor unknowingly downloads an attachment from a legitimate looking phishing email.
A malicious executable payload can be included within an email disguised as a document file. Once downloaded, the attacker can exfiltrate critical data or gain remote access to the doctor's account.
Phishing is a social engineering technique that tricks the user into believing that a deceptive email is genuine.
In 59 percent of security incidents, phishing emails were instrumental in gaining initial foothold.
Conducting cyberthreat awareness programs for hospital staff and monitoring the execution of suspicious EXE files can help combat phishing attacks.
Overwhelming the network: Distributed denial-of-service (DDoS).
A radiologist is unable to upload a patient's scan reports due to the hospital's network
experiencing more traffic than it can handle.
The inability to upload patient reports can delay diagnosis and treatment, which can mean the difference between life and death in an emergency.
DDoS is a technique used by hackers to overwhelm a network with a high volume of traffic, making it unavailable to legitimate users.
Employing an intelligent security solution
that continuously tracks all the entities belonging to a network and identifies when they are targeted by hackers can help contain DDoS attacks.
Locked out: Ransomware.
A surgical display monitor gets locked in the middle of a critical operation,
causing havoc in the operating room.
Critical surgeries generally involve image guidance for precision. Locking the interface of surgical display monitors can halt the surgery midway, presenting life threatening consequences.
Ransomware is malicious software that holds a user's computer hostage by locking the system's interface or encrypting the files until a ransom is paid.
report estimates the healthcare industry will lose $25 billion in 2019 due to ransomware attacks.
Timely patching of software coupled with utilizing an effective SIEM solution that can spot and notify about the telltale signs of ransomware can help protect the network.
Hijacking the equipment: Medjacking.
A morphine infusion pump is hacked, and is seen dispensing an
alarmingly high dose of the drug.
Hackers manipulating the rate at which the drug is released from the infusion pump can prove to be fatal for the patients.
Medjacking is a type of cyberattack in which network-connected medical devices are taken over by attackers.
70 percent of medical devices
will be running on unsupported Windows OSs by January 2020, leaving much of the healthcare sector vulnerable to cyberattacks.
Along with regular patch updates, deploying a purpose-built security layer that audits all the actions performed by connected medical devices can inform IT admins about these events the moment they happen so corrective action can be immediately taken.
Stealing keys: Credential theft.
A pharmacist unintentionally clicks on a spoofed URL and
enters his credentials to log in to a website.
Once cyberattackers have gained access to the pharmacist's account, they can move laterally through the network by escalating privileges, and compromise critical patient databases.
URL spoofing is a technique used to capture login credentials or to plant malware in a system by making a malicious website appear genuine.
In North America, the volume of stolen credentials soared to a whopping 141 percent
between June and August when compared to March and May in the year 2018.
While URL filtering can protect users from landing on phishing websites, enforcing multi-factor authentication (MFA) can prevent the account from being compromised even if credentials are stolen.
Sanitize your network now!
Afraid you could be the next prey?
Protect your hospital today!
Sign up for more information