Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


01:00 PM

4 Ways Health Centers Can Stop the Spread of Cyberattacks

Health centers must shift the perception of cyberattacks from potential risk to real threat in order to take the first step toward a safer, healthier security posture.

The intense pressures currently pushing on health centers don't stop at the lines of patients waiting to be treated or vaccinated. First, there's the obvious spike in attacks that have come with COVID — take, for example, the 50% increase in the number healthcare-related security breaches witnessed by the Department of Health and Human Services in the first half of 2020 alone. Complicating the problem is the common use of legacy technology with little to no strong authentication. And on top of that, these organizations are typically resource-strapped with budgets often allocated toward medical supplies and treatments rather than security.

Related Content:

Medical Imaging Leaks Highlight Unhealthy Security Practices

Special Report: Understanding Your Cyber Attackers

New From The Edge: Breach Etiquette: How to Mind Your Manners When It Matters

So, how can health centers finally close the security gap while maintaining the flexibility, convenience, security, and speed that are necessary in these environments? It boils down to four dimensions:

1. Harden your foundation. Think about it this way: The most stunning castle is nothing if it's built on sand. In this analogy, the health center is the castle, and outdated systems are the sand. In order to swap that sand for a sturdy slab of cement, organizations must harden their foundations by establishing trust zones to ensure the right users have access to the right information — and nothing more. On top of that, sensitive data at rest should be encrypted to further prevent unauthorized access. You never know if a bad actor will make it through that wall of cement, so you must prepare for everything.

2. Compartmentalize your environment. Think the sand/cement analogy helped you prepare enough? Think again. Similar to different fire compartments in building, you want to isolate different zones in your environment. Without such isolation, if threat actors gain access to your systems, they can spread like a disease, moving laterally to spread malware across critical systems, steal confidential patient information, and more.

3. Filter your flow. While strong walls are important, you also need to secure what's coming in and out of the door. Health centers must filter the applications that they bring onto their devices to ensure the integrity of the data that's coming in. Without closely examining this information, these organizations face the risk of supply chain attacks, and let's be honest, no one has time for another SolarWinds.

4. Authenticate, authenticate, authenticate. On top of all of these precautions, health centers also must place a greater emphasis on strong authentication when resources are accessed. Next-generation authentication makes sure only legitimate entities get access to the information they're authorized to interact with — protecting against the attacks that scale easily, such as phishing and credential stuffing. In addition, by adopting standards-based authentication, these protocols will pair the security necessary to protect networks with the convenience necessary to allow practical use and to work quickly in potentially life-threatening situations. This approach of authenticating access to resources independent of the source of this request is often referred to as zero trust.

Seems fairly simple and reasonable enough, right? Unfortunately, there's one piece we still haven't addressed. For health centers, arguably the most challenging aspect of closing the security gap is getting the budgets necessary to do so.

In order to make a compelling argument, you must understand and convey the following to your organizations' decision makers: Historically, health organizations have evaluated security in a certain way. Compared with the countless medical risks, a major security breach used to be seen as one in a million — all things considered, a calculated risk worth taking. But now we have new data, and. a breach isn't as low of a risk as we previously thought. Breaches are more sophisticated and more frequent. A breach no longer means just stealing a username/password; attacks are complex and scalable, layering multiple approaches like phishing, malware, and more. We need to reassess risk from one in a million to one in a thousand and respond accordingly.

Only by shifting the perception of cyberattacks from a potential risk to a real threat will health centers be able to take the first step toward a safer, healthier security posture.

Dr. Rolf Lindemann is responsible for the development and strategy of the Nok Nok Labs' products and solutions. Bringing more than 20 years of experience in product management, R&D, and operations from the IT security industry, he has deep knowledge of security markets and ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-04-17
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivile...
PUBLISHED: 2021-04-17
Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service (ker...
PUBLISHED: 2021-04-17
A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. We have already fixed this vulnerability in the following versions: QTS Build 20210202 and later Q...
PUBLISHED: 2021-04-17
An SQL injection vulnerability has been reported to affect QNAP NAS running Multimedia Console or the Media Streaming add-on. If exploited, the vulnerability allows remote attackers to obtain application information. QNAP has already fixed this vulnerability in the following versions of Multimedia C...
PUBLISHED: 2021-04-16
jose-node-esm-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDe...