HEALTHTECH: Why is healthcare such an attractive target for cybercriminals?
GOODEN: Protected health information is coveted. It’s worth a lot of money on the dark web, even more than the traditional sources of predation such as credit cards, personal information and Social Security numbers. Health information has all of that and is very valuable to bad actors.
HEALTHTECH: What sort of threats are healthcare organizations facing? Can you give some examples?
GOODEN: I would say about 85 percent of all attacks against healthcare organizations are delivered through email as the primary vector. Most of that is some form of ransomware. There are also brute-force attacks and drive-bys, where they stage attacks against the firewalls and external perimeter. For the most part, the primary attack vector is through email.
EXPLORE: Learn why layered security is essential to incident response planning.
HEALTHTECH: We often hear that humans are the weakest link in cybersecurity. What is social engineering, and how are criminals using it to breach systems?
GOODEN: You have lures. Humans are curious. Bad actors are creative and always thinking of interesting ways to get credentials from you. They’ll have you click on a link that will take you somewhere you shouldn’t go, or a file that will download something to your endpoint device. It’s all based on human curiosity. Social engineering feeds on that and creates lures that seem attractive or necessary to interact with.
HEALTHTECH: What can healthcare organizations do to assess their risk and identify vulnerabilities?
GOODEN: Every organization is different. The first thing to do is ensure you have the basic blocking and tackling technologies. Do you have firewalls? Do your email systems run through a gateway that filters threats? Are you tracking how data is moving through your system? Are you looking at where data is going in the cloud? Are you looking at where attackers may be coming from? If you have the base components in place, you want to spend your time looking at the security controls that are deficient. You’re essentially looking at fitting in the big rocks and then filling in smaller pebbles in the bucket.
Click the banner below for more security and incident response planning content from HealthTech.