He recommends that healthcare organizations deploy a sophisticated email gateway solution augmented by DMARC capability to help authenticate email and mitigate imposter-style attacks.
“Security awareness training should also be part of the security layer. Certain users, those who have a propensity to click or those who are more prone to attack, should have isolation technology deployed so that their email activity operates within a containerized environment,” Witt adds. “Healthcare increasingly is adopting cloud-based solutions, so a cloud access security broker should be deployed in those scenarios. Finally, information protection solutions that include data loss prevention capabilities should be strongly deployed by healthcare institutions.”
2. Ransomware Continues to Challenge Healthcare Organizations
“Unfortunately, healthcare organizations continue to be targeted as the No. 1 sector in the ransomware space,” says Tapan Mehta, a healthcare industry solutions leader at Palo Alto Networks.
He explains that these attacks are coming from individuals as well as nation-state actors who are after patient data. The average ransomware payment in cases worked by Palo Alto’s incident responders rose to $925,162 during the first five months of 2022.
“The largest ransom was close to $10 million, and those numbers continue to increase in terms of attack frequency and the probability of healthcare organizations being willing to pay the ransom,” says Mehta. “They can’t be in a situation where their systems are down and patients aren’t getting the care they need.”
3. Increasing IT Complexity Creates More Attack Vectors
Healthcare organizations are deploying more biomedical and Internet of Medical Things devices, which increase IT complexity and create more attack vectors for bad actors to target. In addition, Mehta points out, many existing legacy devices have a long shelf life (10 to 15 years for some) but don’t receive frequent software updates.
“If you look at this year’s data, there’s been a 123 percent spike in IoT-related attacks,” he says. “They’re the perfect entry points for attackers to break into a healthcare system. That’s part of the reason healthcare should segregate devices on a separate network rather than the same, converged network.”
As healthcare moves further in its cloud journey, hybrid or multicloud environments also complicate the IT landscape. Remote work also has led to an expansion of the organization’s IT perimeter, and Mehta says that 300- to 400-bed hospitals may have up to 500 apps running in their environment, from the electronic health record and picture archiving and communication systems to billing and human resources-related workflows. All these apps and devices need to be maintained and secured.