Identifying Cybersecurity Threats in Healthcare IT
Cybersecurity risk is pervasive; the sources of risk are vast and complex within today’s healthcare institutions. The first fact to accept when it comes to cybersecurity at your healthcare organization is that it is no longer a matter of IF you’ll be breached, it’s WHEN you will be breached.
You can start by looking at three different approaches to clarifying risk:
Risk from Malicious/Criminal Attacks
This could be the ransomware type attacks that we have seen so frequently over the last year where hackers take control of your system, access your data and demand a ransom in return. WannaCry and Petya/NotPetya are examples.
Systematic Error
Data loss due to system error of IT/IT enabled devices.
Human Error
Healthcare institutions have large numbers of employees in different departments and campuses with varying levels of understanding of IT and security, touching all the elements that could pose as a source of risk. Therefore, employees represent a significant portion of real risk in your environment.
Within these categories there are many sources of risk. Traditionally, when considering cyber-attacks, you might think of hacking through things like phishing emails – and these still occur. But as technology progresses, and hackers progress with it, we are faced with numerous new risk factors to consider.
Medical/Non-Medical Devices
Medical devices and handheld devices such as iPads and tablets are being used more frequently as hospitals become more digitalized. This risk increases substantially when you consider the number of personal handheld devices that are brought into the environment as well. Most expensive medical devices are IT-enabled and in many cases, are just plugged in to the hospital’s network (if you’re lucky the department will have told IT about it). Essentially, anything that records and monitors patient health/information is a point of risk for an attack.Third Party Access
Within healthcare institutions, we see many third-party companies onsite – this could be local authority, blue light services, construction, or any of your third-party contractors. These third-party vendors also carry a risk of breach. Also consider new smart buildings with list management systems and facilities management systems, all being plugged into the environment.Supporting Systems and Environment Issues
This comes back to people: who, and how many people in the organization have access privileges? For obvious reasons, this has a direct impact on the level of risk in your environment.Specific Attacks as a Source of Risk
We’ve touched on this above, these are your ransomware and malware type of targeted attacks.Distributed Denial of Services Attacks (DDoS)
This is something that has evolved over the years. Distributed denial of service attacks is where the network gets flooded with too much information and too many requests, which can ultimately disable or take down the network. This has evolved from being a group force attack, to an under the radar attack, and is ultimately still available on the dark web as a service in different forms.The question for your organization becomes, if all of these sources of threats are constantly manifesting and evolving, how do you approach securing your organization’s patient data?
For more information on cybersecurity, or to be informed when the next addition to our cybersecurity Series will be published, make sure to subscribe to our blog.