GUEST COLUMN:
Jonathan Stock
Chief Information Risk Officer
PureCyber
The healthcare sector is, and always will be, a prime target for cybercriminals.
Not only is there a chance to access sensitive data, but there is also a chance to cause as much disruption as possible, which is exactly what makes the sector attractive to cybercriminals. Disruption within the health sector can translate into longer wait times, treatment cancellations, and even lost lives.
Recent incidents highlight how vulnerable the healthcare industry, and the technology businesses that support the sector, are to cyber threats, making robust security measures imperative.
The data managed by the health sector, such as sensitive medical records, is widely known to be particularly attractive to malicious parties, but gaining access to medical research and intellectual property is also a highly lucrative area for attackers. These assets command exceptionally high prices on the dark web, which is why the industry is so heavily targeted.
Ransomware continues to be one of the most formidable threats to the healthcare industry. The disruptive nature of these attacks can potentially cripple healthcare systems, delaying critical medical services and putting lives at risk. The infamous WannaCry attack in 2017, which affected thousands of NHS sites after a vulnerability in an outdated version of Windows was exploited by attackers, is a stark reminder of the havoc ransomware can cause when systems are not kept up to date.
Healthcare is a highly interconnected industry, with numerous suppliers and partners. This interconnectedness extends the attack surface, creating additional vulnerabilities. This was the situation in June this year, when the Synnovis cyber-attack demonstrated the disruption that ransomware can cause in the healthcare sector, with several major London hospitals declaring major incidents.
The incident began as a supply chain attack, and Synnovis has said it will be early autumn before all services are fully operational again. The attack meant that operations were cancelled and blood testing was delayed.
Phishing attacks still pose a serious threat to the healthcare industry and remain the most common point of entry for cyber-attacks. Criminals often exploit human error to gain access to sensitive information. In the healthcare sector, where staff may not always have extensive cybersecurity training, phishing can be an effective means of breaching defences.
To address these challenges, the healthcare industry needs to adopt a strong approach to cyber security. However, this also has its inherent challenges.
First, healthcare organisations must prioritise the modernisation of IT infrastructure. Investing in up-to-date systems that are less vulnerable to attacks is crucial. Financial and resource constraints are always valid concerns; however, the cost of a major cyber incident far outweighs the investment in preventive measures. If the IT infrastructure cannot be modernised, a risk mitigation approach must be adopted instead: vulnerable systems and applications should be isolated from the main network, kept internally facing with limited reach to the wider internet, and protected by additional security controls.
Secondly, cyber security training for healthcare staff is essential. By raising awareness and providing comprehensive training, organisations can significantly reduce the risk of phishing attacks and other human error-related vulnerabilities.
Thirdly, healthcare organisations should collaborate with their suppliers to ensure they meet the necessary security requirements. If that’s not possible, then the risks of those suppliers need to be understood and addressed formally so that there is visibility over any weaknesses within the supply chain process.
Lastly, continuous monitoring and improvement of cyber security measures are important. The cyber threat landscape is constantly evolving, and healthcare organisations must stay ahead of the curve and remain informed about the latest threats and best practices. Making regular security audits and penetration testing critical aspects of your operational policies will help to maintain a strong security posture.
By addressing vulnerabilities, modernising systems, enforcing robust security standards across the supply chain, and providing comprehensive training, we can better protect this vital industry.
The health and safety of patients depend on it.
If you’d like to know more about getting your team skilled in cyber, take a look at Cyber Innovation Hub’s short, hands-on upskilling courses.