{"id":13206,"date":"2017-07-05T19:44:28","date_gmt":"2017-07-05T19:44:28","guid":{"rendered":"https:\/\/digital-sentinel.com\/?p=13206"},"modified":"2017-10-01T10:32:47","modified_gmt":"2017-10-01T10:32:47","slug":"healthcare-safe-cyber-attacks","status":"publish","type":"post","link":"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/","title":{"rendered":"Is healthcare safe from cyber attacks?"},"content":{"rendered":"

And if not, what needs to be done to ensure greater security in the future?<\/h2>\n
\n

Healthcare systems have a critical place in almost every country around the world, but they\u2019re increasingly becoming a lucrative target for hackers. Just last month, the National Health Service fell victim to the\u00a0WannaCry global ransomware attack<\/a>, which targeted computers and networks running Windows.<\/p>\n

Around 40 hospital trusts in the UK were affected by the attack, with doctors and healthcare professionals unable to access vital computing resources and medical records unless they paid a Bitcoin ransom. As a result, they had to cancel operations and appointments, causing potentially life-threatening scenarios.<\/p>\n

In a similar case,\u00a0a hacker managed<\/a>\u00a0to compromise Atlanta-based Emory Healthcare\u2019s patient database and delete vital appointment data. They were also able to access patient information such as names, dates of birth, contact information and medical record numbers. Overall, around 80,000 patients were affected by the hack.<\/p>\n

The risks are clearly great. Hospitals are also reliant on highly technological medical appliances – from sophisticated scanners to operation equipment – and the ramifications could be life-threatening if a cyber criminal were to compromise them. There\u2019s clearly a vital need for effective cyber security procedures.<\/p>\n

<\/div>\n

Systems can\u2019t be updated easily<\/strong><\/p>\n

Despite making investment in new technologies, healthcare organisations are often a lucrative target for cyber criminals predominantly because they rely still rely on ageing infrastructure and overstretched budgets. They simply don\u2019t have the means to cope when a large scale occurs, and that\u2019s a concern to many.<\/p>\n

John Bambenek, threat intelligence manager at Fidelis Cybersecurity, says one of the biggest issues here is that healthcare organisations use embedded operating systems that can\u2019t easily be patched due to patient safety regulations.<\/p>\n

\u201cAs proven by the recent spate of hackers targeting the public sector, the healthcare system is far from immune when it comes to cyber attacks. Indeed, it is unfortunately a lucrative target,\u201d he says.<\/p>\n

\u201cThe chief issue in healthcare is that some medical devices have embedded operating systems, largely Windows-based. While the operating systems are updated constantly with new patches, due to medical regulations in patient safety, the devices can\u2019t be patched as quickly. There is also a disparity between operating systems that are designed to last only years, compared to devices that have a lifetime of decades. Clearly, the technological and regulatory risks of this situation were never fully considered.<\/p>\n

He adds that healthcare professionals are increasingly being exposed to ransomware attacks, where they\u2019re expected to pay a financial sum to regain control of critical data. \u00a0\u201cMost recently, this has materialised in ransomware attacks, where hackers demand bitcoin for control of the data to be passed back to its owner.<\/p>\n

There is also the high probability, however, that organisations within the health industry have or will fall victim to other types of attack, such as DDoS or SQL injection attacks, not to mention the number of complementary tactics cyber criminals use; such as phishing and credential re-use,\u201d he tells IT Pro.<\/p>\n

Legacy technology is dangerous<\/strong><\/p>\n

Paul Calatayud, chief technology officer at FireMon, also takes the view that legacy technology is causing major problems for hospitals. He believes that they need to begin investing in new intelligence tools so they can get a more accurate overview of their systems, even if budgets are tight.<\/p>\n

\u201cHospital networks continue to be an easy target for attackers as these systems were often set up decades ago. To aid IT Security professionals, they need the intelligence tools that give them complete visibility into their security infrastructure and can ensure the right access is given to the right people,\u201d he says.<\/p>\n

\u201cThis starts by employing proper management who can see the whole security infrastructure and make sound security decisions based on this information provided. Deploying proper firewall policy auditing is a quick and easy way to begin to identify these more outdated services. Using Secure File Transfer Protocol (SFTP) tied to active directory would greatly reduce the risks. The WannaCry attack highlighted how fragile hospital security is so you would hope new adequate security and risk management systems are being implemented to reduce the complexity levels within modern day hospital security.\u201d<\/p>\n

Nik Whitfield, CEO of security intelligence solutions provider Panaseer, advises healthcare operators to invest in up-to-date technology and develop an understanding of cyber security practices.<\/p>\n

\u201cHealthcare organisations of all sizes are exposed to the risk of destructive malware. The key for executives is to develop and maintain cyber hygiene to manage their exposure to the impact of attacks. This includes understanding the risks of old IT systems and decisions not to upgrade technology,\u201d he says.<\/p>\n

\u201cThey don’t need to become experts in this kind of threat. Just like people don\u2019t need to know about every possible disease; we just need to eat well, stay hydrated, wash our hands and so on. Then, most of the time we\u2019ll be fine. We don’t need to become experts in every disease. Similarly, every healthcare organisation needs to maintain a level of good cyber hygiene: they need to understand what assets they have, keep software up to date, patch regularly, and educate their employees. This can stop the vast majority of attacks.”<\/p>\n

Lucrative opportunity for hackers<\/strong><\/p>\n

Neil Bramley, B2B client solutions business unit director at Toshiba Northern Europe, says cyber criminals are targeting healthcare organisations because of the amount of personal data available. However, he also argues that mobile-oriented remote working can act as a gateway for hackers. \u201dWith significant amounts of highly sensitive Personally Identifiable Information (PII) at the heart of day-to-day operations, healthcare organisations will increasingly find themselves a preferred target of cyber criminals,\u201d he says.<\/p>\n

\u201cThis is only heightened as healthcare professionals, enabled by mobile devices, begin to work on the move \u2013 for example, visiting patients at their homes or across different clinical settings. While such devices provide mobility and increased productivity, they may also act as a potential gateway for attackers, and organisations must put in place a security infrastructure which ensures patient data remains robustly protected.\u201d<\/p>\n

More areas at risk than others<\/strong><\/p>\n

Healthcare is a diverse field, and there are people out there who believe that some areas are at more risk than others. Martyn Williams, managing director of industrial software expert COPA-DATA UK, explains that the pharmaceutical sector is vulnerable to cyber attacks due to the fact that it\u2019s constantly looking for cheaper ways to produce medicine. The result? A lack of investment in new technology and systems.<\/p>\n

\u201cThe patent model in the pharmaceutical industry forces manufacturers to seek out the cheapest possible ways to produce medication. This results in a decreasing of investment in new machinery, ingredients, optimisation measures and most importantly, software.<\/p>\n

Bitsight, an organisation that measures how vulnerable companies and industries are to cyber-attacks, reported that cyber security attacks on the healthcare and pharmaceutical industries have worsened at a faster rate than other industry sectors,\u201d he tells us.<\/p>\n

\u201cWith the average \u2018clean up\u2019 time for these sectors following a cyber-attack at just over five days, there is certainly some cause for concern. Similarly, a report by OCISIA, in collaboration with the UK information intelligence experts, BAE Systems Detica, estimated the cost of cybercrime to the UK economy to be around \u00a327 billion annually. The same report named the pharmaceutical and biotech sectors amongst the hardest hit industries.<\/p>\n

\u201cIn the eyes of a cyber criminal, the pharmaceutical industry provides a treasure trove of valuable information. Organisations within the sector \u2013 from manufacturers to CROs and CMOs \u2013 can hold highly sensitive material, from personal patient data to confidential research on drug development and testing. This makes the pharmaceutical industry an attractive target for cyber attacks.\u201d<\/p>\n

If a healthcare system fails, then there\u2019s a chance that lives could be put at risk, and clearly that must be avoided at all costs. However, that\u2019s not stopping cyber criminals from compromising crucial medical systems. They see hospitals as easy targets, and this can only change through increased investment in effective cyber security and modern computing systems.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

And if not, what needs to be done to ensure greater security in […]<\/p>\n","protected":false},"author":3,"featured_media":13207,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[35],"tags":[],"yoast_head":"\nIs healthcare safe from cyber attacks? - Digital Sentinel<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Is healthcare safe from cyber attacks? - Digital Sentinel\" \/>\n<meta property=\"og:description\" content=\"And if not, what needs to be done to ensure greater security in […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/\" \/>\n<meta property=\"og:site_name\" content=\"Digital Sentinel\" \/>\n<meta property=\"article:published_time\" content=\"2017-07-05T19:44:28+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2017-10-01T10:32:47+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/digital-sentinel.com\/wp-content\/uploads\/healthcare.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"620\" \/>\n\t<meta property=\"og:image:height\" content=\"349\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Digital-Sentinel\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/digital-sentinel.com\/#organization\",\"name\":\"Digital Sentinel\",\"url\":\"https:\/\/digital-sentinel.com\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/digital-sentinel.com\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/digital-sentinel.com\/wp-content\/uploads\/Digital-Sentinel.gif\",\"contentUrl\":\"https:\/\/digital-sentinel.com\/wp-content\/uploads\/Digital-Sentinel.gif\",\"width\":613,\"height\":224,\"caption\":\"Digital Sentinel\"},\"image\":{\"@id\":\"https:\/\/digital-sentinel.com\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/digital-sentinel.com\/#website\",\"url\":\"https:\/\/digital-sentinel.com\/\",\"name\":\"Digital Sentinel\",\"description\":\"Profit Protection Technology\",\"publisher\":{\"@id\":\"https:\/\/digital-sentinel.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/digital-sentinel.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/digital-sentinel.com\/wp-content\/uploads\/healthcare.jpg\",\"contentUrl\":\"https:\/\/digital-sentinel.com\/wp-content\/uploads\/healthcare.jpg\",\"width\":620,\"height\":349},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/#webpage\",\"url\":\"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/\",\"name\":\"Is healthcare safe from cyber attacks? - Digital Sentinel\",\"isPartOf\":{\"@id\":\"https:\/\/digital-sentinel.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/#primaryimage\"},\"datePublished\":\"2017-07-05T19:44:28+00:00\",\"dateModified\":\"2017-10-01T10:32:47+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/digital-sentinel.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Is healthcare safe from cyber attacks?\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/#webpage\"},\"author\":{\"@id\":\"https:\/\/digital-sentinel.com\/#\/schema\/person\/78a25f0a40a470633a45d6c98b60f0b2\"},\"headline\":\"Is healthcare safe from cyber attacks?\",\"datePublished\":\"2017-07-05T19:44:28+00:00\",\"dateModified\":\"2017-10-01T10:32:47+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/#webpage\"},\"wordCount\":1343,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/digital-sentinel.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/digital-sentinel.com\/wp-content\/uploads\/healthcare.jpg\",\"articleSection\":[\"healthcare\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/digital-sentinel.com\/#\/schema\/person\/78a25f0a40a470633a45d6c98b60f0b2\",\"name\":\"Digital-Sentinel\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/digital-sentinel.com\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/34ea0504bbaf2d4274b9488fb3281aa1?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/34ea0504bbaf2d4274b9488fb3281aa1?s=96&d=mm&r=g\",\"caption\":\"Digital-Sentinel\"},\"url\":\"https:\/\/digital-sentinel.com\/author\/digital-sentinel\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Is healthcare safe from cyber attacks? - Digital Sentinel","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/","og_locale":"en_US","og_type":"article","og_title":"Is healthcare safe from cyber attacks? - Digital Sentinel","og_description":"And if not, what needs to be done to ensure greater security in […]","og_url":"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/","og_site_name":"Digital Sentinel","article_published_time":"2017-07-05T19:44:28+00:00","article_modified_time":"2017-10-01T10:32:47+00:00","og_image":[{"width":620,"height":349,"url":"https:\/\/digital-sentinel.com\/wp-content\/uploads\/healthcare.jpg","type":"image\/jpeg"}],"twitter_card":"summary","twitter_misc":{"Written by":"Digital-Sentinel","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/digital-sentinel.com\/#organization","name":"Digital Sentinel","url":"https:\/\/digital-sentinel.com\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/digital-sentinel.com\/#logo","inLanguage":"en-US","url":"https:\/\/digital-sentinel.com\/wp-content\/uploads\/Digital-Sentinel.gif","contentUrl":"https:\/\/digital-sentinel.com\/wp-content\/uploads\/Digital-Sentinel.gif","width":613,"height":224,"caption":"Digital Sentinel"},"image":{"@id":"https:\/\/digital-sentinel.com\/#logo"}},{"@type":"WebSite","@id":"https:\/\/digital-sentinel.com\/#website","url":"https:\/\/digital-sentinel.com\/","name":"Digital Sentinel","description":"Profit Protection Technology","publisher":{"@id":"https:\/\/digital-sentinel.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/digital-sentinel.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/#primaryimage","inLanguage":"en-US","url":"https:\/\/digital-sentinel.com\/wp-content\/uploads\/healthcare.jpg","contentUrl":"https:\/\/digital-sentinel.com\/wp-content\/uploads\/healthcare.jpg","width":620,"height":349},{"@type":"WebPage","@id":"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/#webpage","url":"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/","name":"Is healthcare safe from cyber attacks? - Digital Sentinel","isPartOf":{"@id":"https:\/\/digital-sentinel.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/#primaryimage"},"datePublished":"2017-07-05T19:44:28+00:00","dateModified":"2017-10-01T10:32:47+00:00","breadcrumb":{"@id":"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/digital-sentinel.com\/"},{"@type":"ListItem","position":2,"name":"Is healthcare safe from cyber attacks?"}]},{"@type":"Article","@id":"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/#article","isPartOf":{"@id":"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/#webpage"},"author":{"@id":"https:\/\/digital-sentinel.com\/#\/schema\/person\/78a25f0a40a470633a45d6c98b60f0b2"},"headline":"Is healthcare safe from cyber attacks?","datePublished":"2017-07-05T19:44:28+00:00","dateModified":"2017-10-01T10:32:47+00:00","mainEntityOfPage":{"@id":"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/#webpage"},"wordCount":1343,"commentCount":0,"publisher":{"@id":"https:\/\/digital-sentinel.com\/#organization"},"image":{"@id":"https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/digital-sentinel.com\/wp-content\/uploads\/healthcare.jpg","articleSection":["healthcare"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/digital-sentinel.com\/healthcare\/healthcare-safe-cyber-attacks\/#respond"]}]},{"@type":"Person","@id":"https:\/\/digital-sentinel.com\/#\/schema\/person\/78a25f0a40a470633a45d6c98b60f0b2","name":"Digital-Sentinel","image":{"@type":"ImageObject","@id":"https:\/\/digital-sentinel.com\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/34ea0504bbaf2d4274b9488fb3281aa1?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/34ea0504bbaf2d4274b9488fb3281aa1?s=96&d=mm&r=g","caption":"Digital-Sentinel"},"url":"https:\/\/digital-sentinel.com\/author\/digital-sentinel\/"}]}},"_links":{"self":[{"href":"https:\/\/digital-sentinel.com\/wp-json\/wp\/v2\/posts\/13206"}],"collection":[{"href":"https:\/\/digital-sentinel.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/digital-sentinel.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/digital-sentinel.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/digital-sentinel.com\/wp-json\/wp\/v2\/comments?post=13206"}],"version-history":[{"count":0,"href":"https:\/\/digital-sentinel.com\/wp-json\/wp\/v2\/posts\/13206\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/digital-sentinel.com\/wp-json\/wp\/v2\/media\/13207"}],"wp:attachment":[{"href":"https:\/\/digital-sentinel.com\/wp-json\/wp\/v2\/media?parent=13206"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/digital-sentinel.com\/wp-json\/wp\/v2\/categories?post=13206"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/digital-sentinel.com\/wp-json\/wp\/v2\/tags?post=13206"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}