Why Cyber Attacks are increasing in Healthcare Industry – A Quick Insight

Cyber Attacks are alarmingly increasing; according to a new report, titled “Anatomy of an Attack—Medical Device Hijack 2” (MEDJACK 2), from TrapX security.

Hospitals have fallen victim to hackers who now easily find their way into medical devices and control them. Multiple incidents in the last year have identified a steadily growing trend of ransomware attacks on healthcare organizations.  Hospitals, in particular, are vulnerable. Hackers hit Hollywood Presbyterian Medical Center in Los Angeles, extorting $17,000 in bitcoin out of the leadership, and Kentucky-based Methodist Hospital, which declared a state of emergency after an attack. Two southern California hospitals, part of Prime Healthcare Services, were attacked in March 2016. This is likely grow in the future so all healthcare organisations must take time to constantly evaluate and improve their defense against such cyber attacks.

Why are Healthcare organizations becoming easy targets for cyber attacks?

Hospital IT systems are notoriously fragmented and complex, with networks crossing wards, laboratories and offices. They are also among the most vital and important in any organization – because if their systems go down, people’s lives may be at risk. This makes healthcare organisations the perfect victims for Ransomware.

How do hackers attack the healthcare industry these days ?

Security systems of healthcare organizations tend to be less mature than those of other industries, such as banking and tech, and its doctors and nurses depend on data to perform time-sensitive, life-saving work. Where a financial-services firm might spend a third of its budget on information technology, hospitals spend only about 2 to 3 percent, says John Halamka, the chief information officer of Beth Israel Deaconess Medical Center in Boston.

Once hackers find a way into a hospital network through social engineering techniques like Phishing, they carefully seek out the largest repositories of detailed patient data, which is often the picture archive and communications systems (PACS). PACS provides a hospital’s radiology department with images from multiple devices (e.g. CT, MRI, X-Ray and ultrasound equipment).  PACS holds a central role in a health care network, with hospital clinicians, ambulatory physicians, diagnostic laboratories all depositing, accessing or updating data within the PACS systems. This makes it a perfect target for cyber attacks. By attacking and controlling the PACS, the attackers manage to gain unauthorized access to a workstation used by nurses. The attackers then manage to exfiltrate data without being detected. In this case, the stolen records will be sent to a command and control server. Researchers determined that the attackers breach a healthcare organization after an employee of the organization visits a malicious website set up to deliver malware. If the malware infects PACS, it can not be scanned and remediated and the system will eventually become instrumental for the attackers to intensify their attack.

What needs to be done to prevent healthcare organizations from cyber attacks ?

As a preventive measure, it’s recommended that healthcare organizations review and update their contracts with their medical device suppliers. These contracts should address the detection, remediation and refurbishment of medical devices sold by the supplier that later become infected by malware. It’s also recommended that healthcare organizations must have a test process in place to determine if their medical devices are infected or not, and their suppliers must have a documented standard process for remediation and rebuilding devices when they’re exploited by hackers.

Healthcare organizations must make sure they routine back up their critical data around PACS and other critical systems. Hospitals need to ensure that they bring in a robust end point protection suite into practice which will safeguard all the end point IT Systems in their network.  Finally, hospitals need to educate their staff and provide them with the necessary awareness on phishing emails, malware filled websites and social engineering techniques through which the Ransomware kind of malware attacks are planned against healthcare organizations.


Arrange a Conversation 


Article by channel:

Read more articles tagged: Featured, Hacking, Malware, Ransomware, Social Engineering

Cyber Security