Attackers Delight: Why Does Healthcare See So Many Attacks?

Putting healthcare in a better position
Improving the security posture of healthcare providers is a big but not impossible task. It starts with managing the vast attack surface modern healthcare providers operate.
“To enhance cyber resilience, healthcare organisations should adopt a zero-trust security model,” explains David.
This approach emphasises strict identity verification and access controls.
By implementing zero-trust principles, healthcare providers can ensure ‘least-privileged’ access to users, devices and applications, thereby reducing the risk of unauthorised access to sensitive data by reducing the amount of entry points to the wider network.
“Keeping track of employees and non-employees effectively means ensuring that these identities are managed centrally and intelligently. Technology such as identity security allows organisations complete visibility over who is entering their internal systems, enabling them to manage access rights whilst ensuring the protection of sensitive data,” says Greg.
But just as the healthcare sector reaches out to external solution providers to help it with things like blood diagnostics, so should it do so for security.
“Healthcare companies must work closely with security experts to get non-employee risk management processes up and running,” Greg explains.
This becomes increasingly important with the burgeoning of AI, as these professionals can help healthcare organisations to not only understand the new risk, but find ways to implement it so that it benefits them.
“Investing in advanced threat detection technologies, such as AI-driven analytics and machine learning, is also essential,” David explains. “These tools help in identifying and mitigating threats in real-time. Obtaining good intelligence on the activities of potential threat actors is crucial in anticipating and preparing for specific threats.”
Yet with so many lingering issues, perhaps the sector should first walk before it runs.
Protecting more than physical health
UnitedHealth Group CEO Andrew Witty explained to a US government committee following the hack that a ransomware actor gained access to the internal network via a server that did not have multi-factor authentication (MFA), rendering it vulnerable to brute force attacks and compromised credentials, which is how a ransomware affiliate breached its network.
This lack of basic cyber hygiene, although not entirely unique to the healthcare sector, would be a good place to start.
“To enhance cybersecurity in the healthcare sector, it’s essential to focus not only on new and emerging technologies but also on getting the basics right,” says David. “While AI-driven analytics, machine learning, and advanced threat detection systems offer significant potential for real-time monitoring and proactive defence, starting with robust patch management is crucial.”
The cybersecurity challenges facing the healthcare sector are significant, but not insurmountable. While the industry grapples with legacy systems, budget constraints, and an ever-expanding digital footprint, a cure for their poor cyber posture is available.
Its prescription is a regiment of updating internal systems, applying new technologies, and a culture that values digital hygiene as much as it does hand-washing.
The road ahead may be challenging, but with concerted effort and a commitment to ongoing improvement, the healthcare industry can prepare itself for a future where it protects itself and its patients from more than just physical harm.
link