Cyber attacks in the COVID-19 era
Healthcare is an attractive area for cyber attackers. Security teams in healthcare organisations are typically smaller and less well-funded than in other sectors, and vast quantities of patient data are generated and accessed. An increased reliance on applications and data during the pandemic explains why cyberattacks have increased by 45 per cent globally since November 2020.
“The largest motivation for cyberattackers is financial gain” says Alastair Williams, Director of Solutions Engineering for EMEA at Skybox Security. “Patient information is incredibly valuable on the dark web. Identity theft is another reason. The more information you have, the more chances you have of being successful with assuming an individual's identity to register for bank accounts, credit cards or Amazon accounts.”
Blackmail is another motivation. “There can be situations where people have information about their medical history or current medical condition they don't want in the public domain” Williams explains. “Maybe they're suffering from an illness that would jeopardise their opportunities, or a celebrity is seeking medical assistance privately.”
Another aspect that must be taken into consideration is espionage. “There may be individuals looking to get a competitive gain with the development of COVID vaccines or types of treatment” Williams says.
Terry Ray, Senior Vice President at Imperva, says there's a multibillion dollar incentive for countries to manufacture their own vaccine. “People might think doctors and physicians are collaborating enough that everybody knows how everybody's doing, but there's still intellectual property at each one of their organisations, containing how they are getting mRNA results from their vaccines. If you're able to hack into one, and you have all of the intellectual property from these vendors, you can pick and choose and build it yourself, particularly in countries where there may be fewer trade laws and regulations.”
National vaccination programmes are presenting another opportunity for hackers. “Whenever a new iPhone gets released it's a major target for phishers, getting people to click on a link to see all the new features of iPhone” Ray explains. “Now think about COVID vaccine testing sites, with information on where vaccines are available. People will click on these links.
“My 77-year-old mother-in-law just got her vaccination. To do it she had to go to a website and sign up for a date and time. How is that website secured? What does it know about her? What’s sitting behind her information, that shows why she can get the vaccine instead of somebody else? We've seen a major uptick in people trying to get in and be able to gather that information in the last 90 days” Ray says.
There are also attacks designed simply to sow chaos. “There are some hackers that just like to cause problems” Williams says. “The medical industry may be impacted by that. A good example was the WannaCry ransomware attack back in 2017.” WannaCry was a worldwide attack that spread to more than 150 countries, and became the biggest cyberattack the UK’s National Health Service (NHS) had ever experienced. Malware encrypted data on computers belonging to 81 out of 236 NHS trusts across England; as a result thousands of appointments and operations were cancelled. A subsequent investigation found that this could have been prevented.
Ray says organisations should first address what he calls “low hanging fruit”. “The application side is the primary access point for everything that's going to happen anywhere in the organisation” he says. “It doesn’t matter what EMR or systems you're using, whether you've outsourced or brought things in-house, the majority of your users are going to access patient data through an application, so you've got to make sure those are secure. You can't go low budget - you need a solution that can tell the difference between Terry in Texas and Ivan somewhere in Eastern Europe, tell you that if they both log in with the same credential at the same time that's a problem.”
Williams says visibility is key, and for this a data-driven approach needs to be adopted. “One way to do that is to take the configuration settings of how a device has been set up, like a network infrastructure component that's facilitating accessibility to the data that we're trying to protect, and bring that all together like a jigsaw puzzle.
“Then it’s about being able to ask questions based on what you see, like whether your ingress and egress points are configured securely. Once you've gone through the process of getting that visibility, you can then analyse these to make sure that they are configured in accordance with an industry best practice, regulatory recommendations or some sort of vendor recommendation around how that device should be securely configured.”
Ray hopes that healthcare organisations can get to the point where data security is a mainstream concern. “The barrier to most people is that they perceive it as being very complex” he says. “Not a lot of security people know anything about protecting databases or file servers, they'll fully admit it. I would say it's about education, and it doesn't have to be complex but you can't do it manually. In the case of a large hospital system that may have hundreds to thousands of databases, and thousands of people accessing those databases, a small security team that's supposed to do something manually about all the people that have different rights and roles over the database, will never manage it.”
Instead, security systems should be modernised by implementing automated controls using machine learning and artificial intelligence. Ray adds: “Healthcare has to get its security teams over the hump, to say, this is something we can do, we can solve this problem with technology.”
Skin Analytics wins NHSX award for AI skin cancer tool
An artificial intelligence-driven tool that identifies skin cancers has received an award from NHSX, the NHS England and Department of Health and Social Care's initiative to bring technology into the UK's national health system.
NHSX has granted the Artificial Intelligence in Health and Care Award to DERM, an AI solution that can identify 11 types of skin lesion.
Developed by Skin Analytics, DERM analyses images of skin lesions using algorithms. Within primary care, Skin Analytics will be used as an additional tool to help doctors with their decision making.
In secondary care, it enables AI telehealth hubs to support dermatologists with triage, directing patients to the right next step. This will help speed up diagnosis, and patients with benign skin lesions can be identified earlier, redirecting them away from dermatology departments that are at full capacity due to the COVID-19 backlog.
Cancer Research has called the impact of the pandemic on cancer services "devastating", with a 42% drop in the number of people starting cancer treatment after screening.
DERM is already in use at University Hospitals Birmingham and Mid and South Essex Health & Care Partnership, where it has led to a significant reduction in unnecessary referrals to hospital.
Now NHSX have granted it the Phase 4 AI in Health and Care Award, making DERM available to clinicians across the country. Overall this award makes £140 million available over four years to accelerate the use of artificial intelligence technologies which meet the aims of the NHS Long Term Plan.
Dr Lucy Thomas, Consultant Dermatologist at Chelsea & Westminster Hospital, said: “Skin Analytics’ receipt of this award is great news for the NHS and dermatology departments. It will allow us to gather real-world data to demonstrate the benefits of AI on patient pathways and workforce challenges.
"Like many services, dermatology has severe backlogs due to the COVID-19 pandemic. This award couldn't have come at a better time to aid recovery and give us more time with the patients most in need of our help.”