Published on January 27th, 2023
High Awareness, Low Preparedness — The State Of Cybersecurity In Healthcare
Adopting a Zero Trust approach should be a top priority for healthcare providers going into 2023. With these renewed security frameworks in place, both healthcare service providers and patients will be able to breathe a collective, much-needed sigh of relief.
The pandemic proved to be a challenging period for global healthcare providers, not only in terms of the vast number of patients they had to care for but also the countless cybersecurity attacks to which they were subjected. Unit 42, the threat intelligence group at Palo Alto Networks, found that healthcare was the most targeted vertical for ransomware at the peak of the pandemic. And now, just as the dust settled on this, we have witnessed multiple high-profile cyberattacks on prominent medical institutes across India. Yet again, the importance of securing medical infrastructure has been highlighted in the nation’s collective conscience, and rightly so.
The healthcare industry exhibits anomalous behaviour when it comes to cybersecurity. Despite a high level of awareness about its importance, there is a surprisingly low level of preparedness to deal with attacks of any substantial scale. This was best exemplified when about three-quarters of the 200,000 infusion pumps examined by Unit 42 had known security vulnerabilities that attackers could target.
This was despite the existence of vast pools of knowledge on how to secure devices against these specific threat vectors. This is particularly worrisome for life-critical devices as they hold extremely sensitive patient data — on both health and identity — that is valuable to bad actors for multiple reasons. Considering their life-critical nature, patching these devices to mitigate known or unknown vulnerabilities is rarely an option. This also extends to non-critical medical devices, as their usable life can far exceed their supported life.
What’s more, the boundaries of healthcare institutes today go beyond the traditional hospital perimeter to ambulatory sites and patient-centred medical homes (PCMH). This new environment increases the attack surface and makes it logistically tougher to orchestrate and deploy robust security measures efficiently. As the healthcare sector does not merely deal with confidential data but often has lives at stake, it can fall victim to nation-state attackers whose motives may be far more macabre than those of the average ransomware actor.
Unit 42’s 2020 IoT Ransomware Threat Report states that IoT and OT devices make up more than 30% of corporate networks, that 98% of these see unencrypted traffic, and that more than half of them are vulnerable to medium or high-severity attacks. Given these findings, it is clear that the stage for cyber attackers is set. Considered in tandem with the countless benefits of a secure healthcare stack, these risks make taking the time to ensure robust healthcare security a no-brainer.
When dealing with high-profile cyberattacks on medical infrastructure, it is important to recognize that such attacks take advantage of the need to keep these systems up and running continuously. Apart from medical hardware devices, software that deals with sensitive information, such as Electronic Medical Records (EMR) and Picture Archiving & Communication Systems (PACS), is also required to be operational 24/7.
As such, securing the healthcare cybersecurity stack requires great attention to detail, as even the smallest vulnerability is enough to invite a great deal of damage. Ensuring the proper safety of these systems going forward involves a comprehensive Zero Trust approach: a cybersecurity strategy that protects a healthcare organisation by eliminating implicit trust and continuously validating every stage of digital interaction. The Zero Trust framework focuses on resource protection and the premise that trust is never granted implicitly. Rather, it must be continually evaluated.
A Zero Trust framework will lead to a more secure network that would ensure the following:
In 2023, healthcare providers will continue to be high-value targets for cyberattacks. This will be further compounded by the increasing ubiquity of novel healthcare technologies like remote diagnosis and virtual healthcare, and by extraneous factors such as the accelerated adoption of 5G connectivity and the increased emphasis on data sovereignty. As such, securing medical IoT devices as we move into the new year will be absolutely critical. Although it is hard to find anybody who would readily debate the immense importance of securing the healthcare sector, medical institutes have a long way to go when it comes to efficiently implementing these robust frameworks.
Adopting a Zero Trust approach should be a top priority for healthcare providers going into 2023. With these renewed security frameworks in place, both healthcare service providers and patients will be able to breathe a collective, much-needed sigh of relief.
— The author is Senior Vice President and GM at Palo Alto Networks. Views expressed herein are his own.