By: Dana Katz, Head of Product Marketing, Threat Prevention at Check Point Software Technologies
Today, hospitals are connected like never before with cloud, mobile, and IoT technologies that improve their efficiency and quality of service. However, these changes have punched holes in the “good old” security perimeter and have created more entry points for hackers to target. And they do…
With ~40M patient records exposed in 2019, healthcare organisations continue to experience an increase in the number of data breaches, year over year. Ransomware is also a prevalent threat: in June 2019, five US healthcare providers reported ransomware attacks in a single week.
This alarming trend poses a significant financial risk to hospitals. The costs involved in recovering a damaged reputation, as well as the risk of legal liability and fines for HIPAA noncompliance, can be enormous. The average cost of a breach in the healthcare industry is US$6.45M (which is 65% higher than the average cost in all other industries).
But what makes hospitals so vulnerable to cyber threats?
Medical Records are the crown jewel for hackers
Stolen Electronic Healthcare Records (EHR) can be sold on the darknet for up to US$1,000. By comparison, social security numbers and credit card information usually sell for US$1 and up to US$110, respectively. EHRs contain information that is harder to cancel or recover once stolen (PII, insurance, policy numbers, medical diagnoses, billing information). This information is often used by fraudsters to create fake IDs, to purchase medical equipment or drugs, or to file a false insurance claim.
Medical staff lack cyber-security awareness
Saving lives and treating patients is the top priority for hospitals’ workforce, which makes them more prone to incautious behaviour when it comes to their hospitals’ security regulations and policies. To make things even worse, nearly a third of the healthcare workforce (32%) said that they had never received cybersecurity training from their workplace but should have. This lack of awareness, combined with increasing usage of mobile devices, tablets, and laptops, results in improper handling and storage of patient files, credential theft via phishing attacks, download and distribution of malicious files, and more.
Connected Devices are Hospitals’ weakest link
It is estimated that there are 15-20 IoT and connected medical devices per hospital bed, from infusion pumps and patient monitors to MRI machines. These devices usually run on unpatched or legacy operating systems, which makes them highly vulnerable and easy to hack. This IoT security gap remains unattended because hospitals can rarely afford to have their systems down to be patched, even for just a few hours. Having 24×7 access to critical medical devices and patient data is crucial.
Zero Trust Security in hospitals is essential
The healthcare sector stands out because the majority of breaches (59%) are associated with internal actors (while only 42% are associated with external actors). That means that in hospitals, internal human error and misuse occur much more frequently than hacking.
Therefore, traditional security approaches have become dangerously ineffective since they are based on the outdated assumption that everything inside the security perimeter can be trusted.
Today, an enormous amount of sensitive medical information transfers between connected medical devices, cloud-based electronic health records (EHR) systems, medical staff workstations, mobile devices and tablets, and digital applications for patients.
To maintain an optimal security posture in such a “Perimeter everywhere” environment, it has become essential to adopt the Zero Trust Security model. Proper Zero Trust implementation enables effective monitoring and flagging of unusual and/or inappropriate access to data that is not necessary for valid business use or required for patient care.
However, rebuilding your hospital security infrastructure around a Zero Trust approach using disparate technologies might lead to complexities and inherent security gaps. To avoid that, Check Point offers a more practical and holistic approach to implementing Zero Trust, based on a single consolidated cybersecurity architecture, Check Point Infinity.