Cyber-attacks on health care companies have increased at double the rate of other industries. So what can we do to prevent these sophisticated assaults on systems? Israel Barak chief information security officer, Cybereason talks exclusively to Health Tech World
Since the pandemic, attacks on healthcare institutions have unfortunately, become almost commonplace. A recent study has shown that cyberattacks on global healthcare organisations have increased at more than double the rate of those on other industries; with ransomware playing a central role in this spike.
Cybercriminals are seizing the opportunity while these organisations are distracted in their fight to curb the spread of Covid-19. In October 2020, dozens of hospitals in the United States fell victim to Ryuk ransomware. In February, the University of Oxford detected a breach in its biochemical labs, where scientists have been conducting research on Covid-19 cells.
What’s worse, is the ever-growing sophistication of such attacks. It is no longer enough to deploy and detonate ransomware. Rather, bad actors have become increasingly strategic. For instance, many are now employing botnet infrastructure and commodity malware like Emotet, to mislead security teams from more sinister schemes. They are also more inclined to play the long game, hiding in the shadows of a network for months and covertly spreading laterally across the environment before deployment. In other words, this multistage attack corners its victims by infecting as many devices as possible and stealing a wealth of their data.
Recognising this, it is urgent, now more than ever, that healthcare institutions pay due attention to improving their security posture. This means adopting a number of best practices. As a first step, all employees should undergo security awareness training. This will enable them to better identify and manage phishing emails that often act as the cybercriminal’s initial point of entry. Secondly, it is critical that these organisations have visibility of their network and invest in on-going threat detection solutions to minimise the time it takes to respond to a threat. Next, security resilience should be a priority. That is, legacy systems should be updated where possible, and software patches swiftly applied. Tabletop exercises should be regularly held as well to prepare for the worst. If in doubt, organisations should partner with experts for advice and support should an issue arise.
It is diabolical that there are actors willing to attack healthcare and research infrastructures, particularly during an already challenging time. It is no easy task wrestling with changes in infrastructure and understanding how to improve security, whilst ensuring the primary mission is not negatively impacted. As such, we must commend those working hard on the frontlines caring for our sick and supporting our return to life post-Covid. Let us work together to defend against cyber threats and ensure their work is not done in vain.