As digital threats to the healthcare industry evolve, and news of attacks grows more frequent, it’s easy to see why some consider cybersecurity to be a losing battle.
Take ransomware, which moved from the 22nd most common malware attack in 2014 to the fifth most common in 2017, according to the 2017 Verizon Data Breach Investigations Report. In 2016, Locky ransomware attacks, which are delivered by email and contain a Microsoft Word document resembling an invoice with malicious macros, targeted multiple healthcare organizations. At least one, Los Angeles-based Hollywood Presbyterian Medical Center, paid 40 bitcoins — nearly $17,000 — to regain access to its network.
And already in 2017, WannaCry and Petya, which both target Windows operating systems by encrypting files and demanding bitcoin payment, hit providers hard, with the latter forcing a West Virginia organization to replace much of its computer network.
But ransomware represents just one of many hurdles. Phishing attacks that compromise private information — from employees as well as patients — can be just as damaging to an organization.
The current landscape, no doubt, is fraught with peril. But if hackers continue to adapt their strategies, there is no reason healthcare information security teams can’t do the same.
A Balanced Approach to Healthcare Cyberdefenses
A robust and diversified approach to cyberdefense can mean the difference between stopping an attack early and paying a hefty fine to the Department of Health and Human Services Office for Civil Rights. That’s why it’s critical that cybersecurity not be one-dimensional. Factors organizations should consider while developing a multilayered defense include:
- The human element — While opening and clicking on fake emails might seem like an obvious pitfall to avoid, a sophisticated scam disguised to mirror everyday internal communication can fool even the most educated staff. Phishing reveals one of the greatest vulnerabilities for provider organizations: people. Constant messaging, education and training for all staff who access the system are crucial.
- Network segmentation — Cybercriminals have grown adept at getting into networks from around the edges. But once they’re in, segmentation can keep their activities away from your most sensitive information. Network segmentation reduces the attack surface through a combination of technologies and security policies. For example, firewalls, routers and virtual local area networks can restrict access to specific segments, and individual employees or patients can be granted privileges to only the small part of a segment they actually need.
- Plan for bring-your-own-device (BYOD) policies and the Internet of Things — Healthcare employees and patients alike are accustomed to accessing and sharing information from their phones and laptops. What’s more, organizations increasingly add web-connected, intelligent medical devices to the mix. Each device increases the points of entry for cybercriminals. Planning for the security risks of these many devices is a must.
- Intelligent security — Just as malware evolves, security applications continue to evolve as well. Some of the latest use machine learning to gain full network visibility and find and kill viruses before they can cause major harm.
While some experts estimate that data breaches cost the healthcare industry $6.2 billion annually, the damage such events do to an organization’s reputation is difficult to quantify. Even a seemingly short network outage can have a major impact on patient care.
To keep pace with ever-evolving threats, providers must remain vigilant and holistic about their approach to cybersecurity.