Dark Reading is part of the Informa Tech Division of Informa PLC



3/2/2021
01:00 PM

4 Ways Health Centers Can Stop the Spread of Cyberattacks

Health centers must shift the perception of cyberattacks from potential risk to real threat in order to take the first step toward a safer, healthier security posture.

The intense pressures currently pushing on health centers don't stop at the lines of patients waiting to be treated or vaccinated. First, there's the obvious spike in attacks that has come with COVID — take, for example, the 50% increase in the number of healthcare-related security breaches witnessed by the Department of Health and Human Services in the first half of 2020 alone. Complicating the problem is the common use of legacy technology with little to no strong authentication. And on top of that, these organizations are typically resource-strapped, with budgets often allocated toward medical supplies and treatments rather than security.


So, how can health centers finally close the security gap while maintaining the flexibility, convenience, security, and speed that are necessary in these environments? It boils down to four dimensions:

1. Harden your foundation. Think about it this way: The most stunning castle is nothing if it's built on sand. In this analogy, the health center is the castle, and outdated systems are the sand. In order to swap that sand for a sturdy slab of cement, organizations must harden their foundations by establishing trust zones to ensure the right users have access to the right information — and nothing more. On top of that, sensitive data at rest should be encrypted to further prevent unauthorized access. You never know if a bad actor will make it through that wall of cement, so you must prepare for everything.

2. Compartmentalize your environment. Think the sand/cement analogy helped you prepare enough? Think again. Similar to the different fire compartments in a building, you want to isolate different zones in your environment. Without such isolation, if threat actors gain access to your systems, they can spread like a disease, moving laterally to spread malware across critical systems, steal confidential patient information, and more.

3. Filter your flow. While strong walls are important, you also need to secure what's coming in and out of the door. Health centers must filter the applications that they bring onto their devices to ensure the integrity of the data that's coming in. Without closely examining this information, these organizations face the risk of supply chain attacks, and let's be honest, no one has time for another SolarWinds.

4. Authenticate, authenticate, authenticate. On top of all of these precautions, health centers also must place a greater emphasis on strong authentication when resources are accessed. Next-generation authentication makes sure only legitimate entities get access to the information they're authorized to interact with — protecting against the attacks that scale easily, such as phishing and credential stuffing. In addition, standards-based authentication protocols pair the security necessary to protect networks with the convenience necessary to allow practical use and to work quickly in potentially life-threatening situations. This approach of authenticating access to resources independent of the source of the request is often referred to as zero trust.

Seems fairly simple and reasonable enough, right? Unfortunately, there's one piece we still haven't addressed. For health centers, arguably the most challenging aspect of closing the security gap is getting the budgets necessary to do so.

In order to make a compelling argument, you must understand and convey the following to your organization's decision makers: Historically, health organizations have evaluated security in a certain way. Compared with the countless medical risks, a major security breach used to be seen as one in a million — all things considered, a calculated risk worth taking. But now we have new data, and a breach isn't as low of a risk as we previously thought. Breaches are more sophisticated and more frequent. A breach no longer means just stealing a username/password; attacks are complex and scalable, layering multiple approaches like phishing, malware, and more. We need to reassess risk from one in a million to one in a thousand and respond accordingly.

Only by shifting the perception of cyberattacks from a potential risk to a real threat will health centers be able to take the first step toward a safer, healthier security posture.

Dr. Rolf Lindemann is responsible for the development and strategy of the Nok Nok Labs' products and solutions. Bringing more than 20 years of experience in product management, R&D, and operations from the IT security industry, he has deep knowledge of security markets and ...
 
