Tomasz Kowalski, CEO, Secfense
According to Trustwave report, medical data can cost up to $250 per record on the black market, while stolen payment card data sells for $5.40. This is why healthcare organizations are a prime vector for cybercriminal attacks. How to defend them? The right approach is usually to secure the accounts of all staff in the clinic or hospital by securing the areas where attacks are most frequent.
Zero trust security is a cybersecurity concept that refers to the complete lack of trust in users, systems or services within a network. What does this mean and how does it relate to safety in the healthcare industry? Zero Trust relies on 100% confidence that the right people are on the other side of the computer, not thieves trying to take over your sensitive data.
Medical data worth gold!
Medical data is very attractive to cybercriminals. Mainly because the intruders know how to cash out. The theft of medical data can threaten the reputation of an individual or institution and cause enormous damage. That’s why every healthcare facility needs to revamp its approach to IT security as soon as possible and always check, never trust, based on strict user authorizations, permission restrictions and restrictions on access to healthcare resources.
One of the latest media attacks on healthcare institutions was an intruder’s attempt to break into a healthcare institution’s computer. AstraZeneca Employees (including those engaged in the development of a COVID-19 vaccine).
North Korean cybercriminals have used phishing and social engineering to impersonate recruiters. According to the Wall Street Journal The attackers also tried to steal vaccine information from Johnson & Johnson and Novovax, as well as three South Korean pharmaceutical companies.
two-step verification
Credential theft (employee passwords and logins) is one of the most common causes of attacks on healthcare organizations today.
Cybercriminals usually send e-mails designed to trick you into thinking that the message came from a legitimate source and obtain your credentials. As in the case of attacks on AstraZeneca, malicious actors often use WhatsApp or LinkedIn messengers.
Why does this happen? The healthcare industry is one of the worst industries when it comes to data security knowledge. Data from Wombat Security’s Learning Management System found that, on average, health care workers answered 23% of best practice questions incorrectly. Scammers know it very well. In difficult times related to the pandemic, they will only have easier access to very valuable information, and they can pay a hefty ransom (ransomware attack) for example.
User Access Security Broker is a cybersecurity approach consistent with a zero trust security approach. Trigger MFA during the login session of any hospital or clinic web application, regardless of whether the person logging in is currently at the facility or working remotely. Employees must enter a one-time code or verify their identity via facial biometrics or fingerprints before entering an application or system.
Importantly, MFA’s integration occurs without changing the code of the protected application. This essentially means that security brokers can add multi-factor authentication to any employee’s account in any number of applications, without follow-up support for IT professionals that are constantly lacking in the healthcare sector. It also provides convenient scalability by simply and quickly adding users and protected resources of any number and complexity. Organizations are also not required to share information with third parties. You can easily apply strong authentication to your current infrastructure without lengthy and tedious programming. This is important for dynamically developing private hospitals and clinics.
Cybercriminals exploit epidemics very effectively and target weaknesses in health care systems. As such, healthcare facilities will ultimately have to perform a very difficult task, protecting not only the selected ones, but actually all the applications that their employees use on a daily basis. This could mean using advanced analytics to track identities on the network, perform multi-factor authentication, and enforce “least-privilege policies” for specific accounts.
One thing to remember is that for attacks that are precise and increasingly sophisticated, flexibility, scalability and responsiveness will be key factors affecting the end result. A well-thought-out choice in this context really works. The cost of medical attacks is growing exponentially, as prolonged system downtime not only hampers and often paralyzes patient care.
About the author
Tomasz Kowalski is the CEO and co-founder of Secfense. He has nearly 20 years of experience in selling IT technology. He has been involved in hundreds of hardware and software implementations in large and small businesses in the financial communications, industrial and military sectors. Tomasz is available online at tomek@secfense.com, Thomas Kowalski | LinkedIn) and on our website https://secfense.com/
Fair Use Notice: “Fair use” laws allow other authors to make limited use of the original author’s work without permission. Under 17 US Code § 107, “It is not copyright infringement to use copyrighted material for purposes such as criticism, commentary, news reporting, education (including multiple copies for classroom use), scholarship, or research.” As a matter of policy, fair use is based on the belief that the public is free to use portions of copyrighted material for the purposes of comment and criticism. Fair use privileges are perhaps the most important restrictions on the exclusive rights of copyright owners. Cyber Defense Media Group is a news reporting company that reports cyber news, events, information and more free of charge on its website Cyber Defense Magazine. All images and reporting are conducted exclusively in accordance with the fair use of US copyright laws.