Healthcare at the forefront of cybersecurity risks

Though we applaud and appreciate the hospitals and frontline workers during the time of pandemic by seeing the difficulties faced by them, but what we cant see is that the healthcare sector is struggling to deal with growing cybersecurity issues.

When the most sought after vaccine came into the market, it was seen as the light at the end of the tunnel. Little did we know that it posed a bigger threat for cyberattacks. Another thing that makes hospitals more vulnerable now as compared to the past is the increased number of connected medical devices also known as the Internet of Medical Things (IoMT). Just like any other smart device or IoT device making tasks a breeze, network-connected medical devices make healthcare more efficient and enable better patient care. With more connected devices comes a higher chance of cyber threats.

Jawad Toukna, Director of Regional Sales, Emerging Region, Forcepoint

Private patient information being worth a lot of money and medical devices with an easy entry point for attackers, the list is endless for why healthcare sector is seen as the prime location for hackers. The pandemic situation just added fuel to fire. Jawad Toukna, Director of Regional Sales, Emerging Region, Forcepoint says how the pandemic encouraged healthcare sectors for digital transformation by delivering services virtually and remotely and widespread adoption of new cloud-based videoconferencing and messaging applications.

“Unfortunately, these changes also exposed more security risks. Patient data is now accessed remotely by a far broader set of healthcare professionals. The data surrounding the vaccine became incredibly valuable. No wonder that the BBC even quoted that the pandemic leap-frogged the healthcare industry to the frontline of cybersecurity,” he added.

Emad Fahmy, Systems Engineering Manager, Middle East, NETSCOUT

The Middle East and the UAE saw a 250% increase in cyberattacks in the form of ransomware, phishing, or vaccine-related frauds. According to the NETSCOUT 2020 Threat Intelligence Report, there were 4.83 million DDoS attacks globally in the first half of 2020, up 15% from 2019.

“Attack frequency jumped 25% during the early pandemic lockdown months of March through June, and for the first time in history, we observed more than 10 million DDoS attacks in a single year. Hackers targeted e-commerce, healthcare, and online educational services–all critical to the functioning of pandemic-impacted societies,” said Emad Fahmy, Systems Engineering Manager, Middle East, NETSCOUT.

Vaccine posing a threat
As mentioned earlier, the advent of the vaccine posed a serious threat in the increase of cyberattacks. The European Medicines Agency announced that they were attacked and the hackers stole data relating to Pfizer and BioNTech Covid 19 vaccines. Pfizer and BioNTech said in separate statements that documents relating to the vaccine were unlawfully accessed.

The threat is not just regarding the data related to the vaccine. The global supply chain varies from factories in one country to internet-connected fridges in another. IBM has already mentioned a suspected hacker targeting the “cold chain” used to keep supplies at the right temperature.

“COVID-19 and vaccinations aren’t just a lure for actors to spread malware, but experts and authorities worldwide have raised the alarm for ransomware attacks exploiting the rollout. The COVID-19 vaccine trials have been hit by ransomware attacks that managed to slow them down, but due to the availability of backups, they managed to limit the damage. Malicious actors have their eyes set lower down the chain as well, targeting the supply of the vaccines. Research has shown attacks to harvest credentials of organisations involved with the cold chain to distribute the vaccine,” said Toukna.

Jens Monrad, Director, Head of Mandiant Intelligence for EMEA at FireEye

Jens Monrad, Director, Head of Mandiant Intelligence for EMEA at FireEye said that the previously observed cyber events targeting healthcare, pharmaceutical, and medical research organizations during the global pandemic, is feasible that threat actors may have an interest in targeting vaccine cold chains. “The risk of these incidents is especially relevant as the number of cold chain stakeholders, globally dispersed assets, and the increased importance of cold chains during pandemics could make cold chains attractive targets. Decision-makers and asset owners should ensure that operational technology (OT) systems that support cold chains are incorporated into regular risk assessments and mitigation strategies. When possible, asset owners should embrace system redundancy, limit access to control systems, and remove default configurations.”

The way through
Modern healthcare is one that is intertwined with technology. It is difficult to run a healthcare organisation without relying on IT as there are sophisticated machines used for diagnosis and massive data centers for storing patient records.

With the healthcare sector playing the role of the frontline in cyber attacks, there is an increased alert amongst the industry leaders. Times are strange when people are even taking advantage of difficult times. With proper business knowledge, meticulous planning and deep technical know-how, it is possible to keep the hackers at bay.

“The industry has adopted several cloud-based applications that have increased the attack surface for actors to exploit. Using data protection technologies such as data loss prevention (DLP), cloud access security broker (CASB) and user activity monitoring (UBA) tools can improve cybersecurity in healthcare,” said Toukna. “Together, these technologies ensure that as health professionals interact with cloud applications to view electronic medical records, any anomalous behaviour which may put those records at risk is spotted and stopped,” he added.

Fahmy added to this that healthcare technology continues to innovate as it takes a more patient-care centric approach to deliver healthcare services. “Hospitals look for ways to facilitate the process of tending to a patient, securely and cost-effectively. As fraudsters attack with their ever-evolving tactics, there is a well-recognized need for greater visibility into the data crossing healthcare networks and a view of how to better manage the technology itself.”