Vectra: Healthcare IoT Devices and Unsecured Networks Make Industry a Target for Cyber Attacks
- A mix of healthcare IoT devices, unpartitioned networks, and reliance on legacy systems makes healthcare systems targets for attackers.
- Human error and system misuse more prevalent than ransomware nowadays.
Healthcare data is of utmost importance and sensitivity. Unfortunately, the proliferation of healthcare IoT devices, as well as unpartitioned networks, insufficient access controls and the reliance on legacy systems has made healthcare data the main target for cybercriminals who want to steal personally identifiable information and protected health information, shows a new study from network threat detection company Vectra.
The fresh report shows that it has become more and more important nowadays to use machine learning and artificial intelligence to detect hidden threat behaviors in enterprise IT networks before cybercriminals get to spy on the networks and steal data.
In previous years, ransomware attacks made the healthcare industry shake in its boots since the data was so precious and there have been one too many cases where the hospitals chose to pay the ransom to get back the data. Nowadays, there's been a drop in such attacks, but the threat comes from a different direction, namely internal human error and misuse. In fact, out of the incidents they investigated, 203 featured human error, 185 malware, 139 hacking and 138 misuses.
While there are not many patients can do to keep their data safe, healthcare organizations can take numerous steps to protect information like this.
"When you factor in how long it takes to discover a digital breach and a lean security staff in many healthcare providers, it becomes apparent that healthcare needs the awareness of what happens inside their network to quickly know the difference between what is an attack or business as usual. It’s not acceptable to find out weeks, months or years after a breach occurs," Chris Morales, head of security analytics at Vectra told TechNadu.
He added that the best solution is to have 360-degree visibility inside the network, as well as real-time attacker detection, and prioritization of all detected threats. On the plus side, Morales adds that many healthcare providers are augmenting their security teams with AI to automate the hunt for cyber attackers in the network and to speed up incident response.
According to data, 12 percent of enterprise organizations have already deployed AI-based security analytics extensively, while 27% have deployed AI-based security analytics on a limited basis.
IoT Benefits and Risks
The IoT industry is somewhat notorious for the bad security surrounding its devices, although you'd expect them to do better when it comes to the tools that can be used in healthcare. The increased used of IoT devices in the medical field has some great benefits for patients, but it does make securing the healthcare systems a challenge due to the limited security controls these devices have.
"As emerging new medical technologies are adopted to improve healthcare delivery, it becomes increasingly important to strengthen security by understanding the technologies you have, how those technologies are being used, and receiving timely alerts when any unauthorized use occurs," said Robert Rivera, senior security engineer at Cooper University Health Care, a leading academic health system in Camden, New Jersey.
Have you ever had sensitive data stolen due to healthcare systems getting breached? Drop us a note in the comments section below and tell us all about it. Share the article online so others can find it too. Follow TechNadu on Facebook and Twitter for more tech news, guides, reviews, and interviews.