Mar 17, 2021

CyberMDX: How to prevent cyber attacks in healthcare

Cyber Attacks
Leila Hawkins
5 min
CyberMDX: How to prevent cyber attacks in healthcare
Azi Cohen, CEO of IOT security firm CyberMDX explains why the healthcare sector is so attractive to cyber attackers and what can be done to stop them...

Cyber attacks in healthcare increased by 45 per cent globally towards the end of 2020 - double the rate of attacks in other sectors, with hackers taking advantage of the perfect storm of new technologies being implemented at speed and staff efforts focused on the pandemic. 

Azi Cohen joined CyberMDX earlier this year having spent most of his career working to protect financial institutions. He did so because of a desire to help healthcare organisations address their security issues. 

By comparison to the finance sector, healthcare organisations are often are more vulnerable to cyber attacks. "Financial organisations are better protected today because the industry has invested quite a bit of time and money into improving the situation - they spend approximately 15 per cent of their annual IT budgets on cybersecurity. By comparison, most healthcare organisations lack dedicated cybersecurity teams and probably spend only around 4 or 5 per cent on this" Cohen says. 

The motivation of the hackers is financial. A health record contains not just social security and driver’s license numbers but also employer details, insurance details, and prescription data. "Hackers can use this information to file fraudulent insurance claims, buy drugs or medical equipment with it, and they can even file fraudulent tax returns. The data in a person’s health record contains enough detail to help steal identities. If bad actors aren’t looking to do something themselves, they could sell the information in a kit and fetch one or two thousand dollars on the dark web." 

However the main use is not to exploit individual data, but to launch a ransomware attack, where hackers infiltrate the hospital’s network, gain access to the health , and lock the hospital out of the system, holding the patient data hostage until the hospital pays the ransom.

The impact of the pandemic

Hospitals are particularly vulnerable given the amount of medical devices and systems they use. "The average US hospital has over 30,000 connected medical devices and endpoints, many of which are running vulnerable, unpatched and outdated software" Cohen says. "This provides almost endless endpoints for hackers to try.

"While there are several hundred large hospitals and healthcare networks in the US with structured resources in place to handle security concerns (i.e., security team, CISO and CIO), there are thousands of smaller healthcare delivery organisations that do not.

"Instead, they have to rely on general IT departments to handle everything. In these situations the IT teams are tasked with formal IT roles and, in addition, are meant to find time to also cover the massive job of securing, patching, updating and monitoring the thousands of devices they have within the network" Cohen says.

The COVID-19 pandemic highlighted these vulnerabilities, as all efforts were concentrating on caring for large numbers of patients, coupled with having to implement new technologies very quickly such as virtual consultations, and leaving far less time to consider the security implications. 

"What would usually be done in a slow and steady process had to happen overnight" Cohen says. "To add insult to injury, a barrage of bad actors decided the greatest public health scare of the last century was the perfect opportunity to hold hospitals hostage and jumped in to attack these weaknesses. By some estimates, attacks on healthcare organisations increased by 500 per cent or more while they were dealing with the global pandemic." 

How to prevent cyber attacks

One of the best ways to prevent cyber attacks lies with the hospital staff. "All personnel must have a basic understanding of proper cybersecurity protocols, and hospitals should invest in employee training around what to do with potentially suspicious emails. They also must ensure their medical terminals are locked when not in use. What’s more, systems should only be accessed by credentialed staff members to not expose hospitals to unnecessary threats."

"It’s much easier to prevent an attack than to undo the damage of one that’s already happened. Early detection and mitigation are the key to optimal security. You can’t protect what you can’t see so this effort must begin with establishing visibility across your entire network to achieve an accurate inventory of all your devices" Cohen says. 

"We highly recommend doing a gap analysis or risk assessment. This will allow you to analyse your medical devices and understand what your risk profile is based on security vulnerabilities, version compatibility, and the compliance alignment of each of the devices on your network. 

"Lastly, hospitals should always employ monitoring solutions to ensure that any anomalies are detected and reported. Should a security threat be detected, hospitals that have the proper tools in place can keep the threat isolated and prevent the hacker from moving around within the network." 

Automation and monitoring

In the long term, Cohen says that investing in automation is vital to prevent cyber attacks. "With the massive number of devices and endpoints in even a small hospital, security teams cannot hope to achieve an adequate level of security manually. Specialised tools designed for IOT and medical devices will provide security teams with constant monitoring and crucial early detection capabilities that will allow hospitals to mitigate and isolate potential security breaches. 

"It’s critical to always be surveying your cyber hygiene so you can constantly improve and close gaps. A continuous risk and vulnerability management plan that is always on and monitoring will keep you vigilant.

"Lastly, we think a change in the way security is approached in the healthcare industry is important. A move towards dealing with the rising issues means a device-centric risk management approach is a key advantage that can be leveraged against attackers" Cohen says. 

"Layering security around each device - including unmanaged devices (the operation part) – provides unique remediation and network-based mitigations to reduce the likelihood of an attack. While the healthcare sector needs to do this over the long-term, the good news is that the tools and technology exist - they don't have to wait, they simply need to take action.

Share article

Jun 18, 2021

Skin Analytics wins NHSX award for AI skin cancer tool 

2 min
Skin Analytics uses AI to detect skin cancer and will be deployed across the NHS to ease patient backlogs

An artificial intelligence-driven tool that identifies skin cancers has received an award from NHSX, the NHS England and Department of Health and Social Care's initiative to bring technology into the UK's national health system. 

NHSX has granted the Artificial Intelligence in Health and Care Award to DERM, an AI solution that can identify 11 types of skin lesion. 

Developed by Skin Analytics, DERM analyses images of skin lesions using algorithms. Within primary care, Skin Analytics will be used as an additional tool to help doctors with their decision making. 

In secondary care, it enables AI telehealth hubs to support dermatologists with triage, directing patients to the right next step. This will help speed up diagnosis, and patients with benign skin lesions can be identified earlier, redirecting them away from dermatology departments that are at full capacity due to the COVID-19 backlog. 

Cancer Research has called the impact of the pandemic on cancer services "devastating", with a 42% drop in the number of people starting cancer treatment after screening. 

DERM is already in use at University Hospitals Birmingham and Mid and South Essex Health & Care Partnership, where it has led to a significant reduction in unnecessary referrals to hospital.

Now NHSX have granted it the Phase 4 AI in Health and Care Award, making DERM available to clinicians across the country. Overall this award makes £140 million available over four years to accelerate the use of artificial intelligence technologies which meet the aims of the NHS Long Term Plan.

Dr Lucy Thomas, Consultant Dermatologist at Chelsea & Westminster Hospital, said: “Skin Analytics’ receipt of this award is great news for the NHS and dermatology departments. It will allow us to gather real-world data to demonstrate the benefits of AI on patient pathways and workforce challenges. 

"Like many services, dermatology has severe backlogs due to the COVID-19 pandemic. This award couldn't have come at a better time to aid recovery and give us more time with the patients most in need of our help.”

Share article