Adam Enterkin, BlackBerry’s senior vice president for the EMEA region, on lessons learned and urgent steps needed.
Healthcare is facing a crisis of cybersecurity. To ignore it might prove fatal for trust — for both patients and healthcare professionals.
As cyber professionals, we know the pandemic has created enormous opportunity for cybercriminals to target healthcare systems, and they are being helped by the current assumption that healthcare organisations don’t need to focus on cybersecurity as a priority.
It is possible to thwart the threat of cyber attackers, but to do so, healthcare providers need to acknowledge there is a problem facing their sector.
2020 saw emergency deployments of technology to keep healthcare users safe and healthy, ranging from contact tracing apps to telehealth services to remote working systems for non-patient-facing staff.
However, what hasn’t been evident is a focus on addressing the sector’s vulnerability to cyber attacks.
BlackBerry’s 2020 Threat Report uncovered that globally, healthcare organisations are more likely to pay ransoms than any other industry due to the critical nature of the targeted data.
Now, with a mass vaccination programme being rolled out across the country and the healthcare system under greater strain than ever before, a compromising cybersecurity breach is the last thing the nation needs.
Learning a deadly lesson
Back in late September 2020, America’s Universal Health Services (UHS), which has more than 400 locations mostly in the US, was hit with a cyber attack — described as one of the largest attacks against a medical service provider in US history.
As UHS systems failed, some hospital staff were reduced to recording patient information with pen and paper, while online medication systems were inaccessible. Reports of the incident quoted a source as saying the attack “looks and smells like ransomware”.
Cyber attacks on hospitals can prove to be deadly. The UHS attack was preceded by a cyber attack on a German hospital in mid-September that led to a patient dying.
Duesseldorf University Clinic was infiltrated by a hacker who caused the hospital’s IT systems to gradually crash.
The hospital could no longer access data and an incoming patient with a life-threatening condition had to be redirected to another hospital over 30 km away.
The patient died due to the delay in receiving care. Local prosecutors launched an investigation against the unknown perpetrators of the attack on suspicion of negligent manslaughter.
Similarly, in October last year, patients of a large psychotherapy clinic in Finland were contacted individually by blackmailers after their data was stolen.
The data included personal identification records and notes about what was discussed in therapy sessions.
The National Bureau of Investigation subsequently reported that up to “tens of thousands” of clients who placed their trust in the Vastaamo psychotherapy clinic may have had their personal data compromised.
This clearly needs to change.
A tonic to prevent cyber issues within healthcare
So how can healthcare providers better respond to cyber threats and avoid making the same mistakes?
The first step in securing the nation’s healthcare services is investing in solutions that are up to the job.
Modern security solutions are being powered by artificial intelligence (AI), machine learning (ML) and automation to provide superior cyber threat prevention and remediation.
This means that threats can be contained before they execute (even if they’ve never been seen before), and that tablets and other mobile devices used by healthcare staff can be better protected.
With the increased volume and variety of enterprise IoT endpoints, and as the scale of cyber threats continues to grow, AI-driven security solutions provide a consolidated, simplified endpoint security and management offering to reduce cost and complexity in a chaotic environment.
The second step in ensuring healthcare IT environments are secured effectively involves evaluating what was breached, the likelihood of physical, psychological, emotional, financial or reputational harm, and any remedial actions required.
The notification step requires promptly contacting affected individuals and notifying the relevant government bodies.
The review stage involves investigating the cause of the breach and modifying procedures as needed, to guard against future attacks.
Outside help should be called in if necessary, such as seeking advice from the National Cyber Security Centre (NCSC) in developing and tweaking cyber incident response plans.
2020 was a pivotal year for healthcare organisations trying to maintain business continuity, while undergoing digital transformation and workplace upheaval — all while focusing on maintaining quality of patient care in the face of an extreme health crisis.
Healthcare providers cannot afford to make securing operations a secondary priority any longer.
While patient care should, and will, remain the number one priority, part of that is ensuring cyber threats and data breaches do not prevent frontline staff from continuing to deliver patient services.