Hospital & Healthcare Technology - Case Study

Category

Case Study

 

The healthcare industry is facing an ever-growing cyber threat that has doubled in the last five years. Ransomware attacks are among the most common methods used to target healthcare systems, resulting in millions of people’s personal information being compromised and costing the healthcare systems millions of dollars. In this case study, we look at vulnerabilities that most impact the industry and how healthcare providers can protect themselves from cyber threats.

The Industry

Hackers understand the importance of saving lives and delivering quality patient care in the healthcare industry. They also know that technology plays a vital role in delivering that standard of care. We discovered a few key themes that help characterize why hackers are increasingly targeting healthcare systems and services compared to other industries:

Urgency

Hackers understand that technology outages can disrupt or halt a hospital's daily operations - which in many cases puts patients’ lives at risk. In healthcare, service availability isn’t just about the bottom line like it is for most other industries. Healthcare systems store confidential healthcare information, patient' financial information, and other personal data hackers can sell or use directly for identity theft and other criminal activities. Under these circumstances, hackers expect to receive a large ransom from the hospital with the compelling argument that it will ultimately “save lives”. If they successfully exfiltrate the data they also have the option to sell the stolen data on the dark web, turning it into an even larger profit. For example, in a ransomware attack on a northern California hospital in 2020, hackers hijacked multiple servers, encrypted the data and demanded 1.4 million US dollars as a ransom payment in exchange for the keys to decrypt the data.

Complexity

Modern healthcare organizations continuously adopt cutting edge technology and integrate it with legacy technology. This makes data protection more complicated for clinical and research centers. Healthcare facilities use complex networks of hardware, software, web and mobile-based apps, and cloud and on-prem data storage in connection with diverse medical devices to deliver efficient patient care. Each new technology provides a new entry point for hackers and stretches IT resources from maintaining existing technologies while requiring training to protect newer ones. The dynamic physical nature of healthcare operations promotes open networking which tends to create minimally segmented networks. Open networks are difficult to secure because if one device is infected, it could potentially infect the entire network and more manual lateral movement from one device to another is easier. Segmenting in these cases can become high maintenance in the form of exceptions management and extra monitoring.

Portability

The technology stored at rest and in transit allows doctors to retrieve or share patients’ medical records and histories instantly for better diagnostic accuracy and efficiency. This means that patient data needs to be accessed from many different locations across a hospital environment. Electronic medical records systems (EMRs) may need to maintain connectivity with computers, tablets, pagers, and smartphones used by staff members – as well as exchanged between one provider and another through health information exchanges (HIEs).


All of these interconnected devices are handled by different personnel throughout the day, and human error can lead to cybersecurity breaches at any given moment. The most common type of human error that leads to a cybersecurity breach is user negligence when handling sensitive data or equipment, such as forgetting to lock the device, downloading files without sufficient virus protection software, and not separating the work and personal usage of the connected devices. These and other human actions can expose organizations and important patient data to cybersecurity threats; a single human error can lead to devastating consequences for an entire organization.

“What can we do about it?”

Security Measures: Security measures such as firewalls, endpoint management, encryption technology, and multi-factor authentication, all work together to decrease risk. You need to ensure that all devices in your IT infrastructure are up to date with the latest updates and patches to prevent unauthorized access and quickly detect any attempts to breach the systems if they occur.

Security Awareness Training: Conduct regular employee training on cybersecurity best practices such as using strong passwords, multi-factor authentication, and never leaving devices unattended while handling or connected to a secure network or systems containing confidential information. Run exercises for employees on what steps must be taken when faced with a potential breach attempt or other suspicious activity.

 “What else can I do?”

Any when you’re ready to design the best cybersecurity strategy for your organization, reach out to our team of experts. Hive Systems offers Approachable Cybersecurity Awareness Training and ransomware readiness services tailored to your organization’s needs to help your organization and employees stay ahead of cybersecurity threats so that you can focus on patient care!

 

Follow us - stay ahead.


Read more of the ACT

Previous
Previous

Digital Banking - Case Study

Next
Next

Keep Calm and Check Your Public Wi-Fi Connection