Cyber Attacks Focus On Healthcare

Uploaded on 2018-04-23 in BUSINESS-Services-Health & Welfare, FREE TO VIEW, NEWS-News Analysis

Healthcare is now the most vulnerable industry to data breaches, with 328 breaches in 2017 alone (accounting for 60% percent of all breaches last year). The total estimated cost of these breaches reached $1.2 billion.

In 2017, we witnessed large-scale phishing attacks targeting health-care employees leading to the theft of patient data at both Morehead Memorial Hospital and Washington University School of Medicine.

In both attacks, phishing emails were used to obtain login credentials to staff members’ email accounts.

Later in the year, PII (personally identifiable information) of 18,470 patients at Henry Ford Health System in Detroit were exposed due to theft of credentials of a group of employees. The PII was protected using a single factor of authentication (a password) and encrypted at rest.

Through just these few examples, we can see that, despite the complexity of security technologies and investments like data encryption, and network and endpoint security, the most common and effective attack vector is still stolen user credentials. According to the 2017 Verizon Data Breach Report, 81% of data breaches are due to compromised or weak credentials.

Many of the organisations that understand this turn to two-factor authentication (2FA) to strengthen defense against stolen credentials. While simple 2FA helps raise an organisation’s security profile, many commonly deployed 2FA methods are insufficient to fully protect users and data and are easily circumvented.

On its own, 2FA will protect you some of the time but not all the time. Which is fine if you only want some of your organisation protected.

But it can be circumvented by attackers through:

  • Real-time phishing, which coerce a user into giving up their username, password, and one-time passcode by asking them to log into a phishing site or click a malicious link
  • SMS and voice call interception, where an attacker exploits the mobile carrier networks
  • Malware that uses malicious code to scrape SMS one-time passwords
  • Phone number porting fraud that uses social engineering methods to coerce a cellular company’s representative into issuing the attacker with a new SIM card or moving the victim’s phone number to a SIM card that the attacker already has
  • Out of band push-to-accept mechanisms, which essentially relies on bombarding an end-user to click ‘accept’ to make bothersome requests go away

Healthcare providers can strengthen authentication methods by adopting the following:

  1. Implement adaptive authentication and risk analysis, such as analysis of the user’s geographic location, device recognition, analysis of a user’s IP address, and applying machine learning to look for anomalous behavior of the user’s credentials. This provides the highest identity security without impacting user experience. Users are only burdened with an additional authentication step if risks are present. This validates authentic users, like doctors and nurses, while blocking attackers with compromised credentials.
  2. Phase out hard tokens to utilize self-service tools when possible while considering the total cost of ownership., Nurses, doctors and staff can access their data wherever they are through routine mechanisms by evolving to more modern authentication techniques that identify users through elements such as behavioral biometrics.
  3. Prioritise the most flexible solution with the most future potential instead of relying on a quick fix. Choose integration-friendly solutions that maximize existing security investments from a vendor who can be a partner in both security and EPCS & HIPAA compliance. Only then will you achieve an accurate holistic view of all security threats and save considerable effort in compliance audits.
  4. Provide the best possible user experience by building safeguards against human fallibility. By only requiring action when risk factors are high, teams balance security needs with user preferences. Utilize identity signifiers instead of passwords to empower physicians to access data and treat patients without having to call the help desk or initiate an online support ticket.

2FA is not strong enough to protect against even unsophisticated cyber-attacks. Clearly, busy healthcare workers need secure solutions that don’t inconvenience them as they tend to time-sensitive patient problems.

IT decision makers in the health services and patient care industry should strongly reassess their approach to authentication in order to keep their data and organisation out of the cybercrime spotlight.

InfoSecurity Magazine:   Image: Nick Youngson

You Might Also Read: 

Fixing Hacks Has A Deadly Impact On Hospitals:

NHS Trusts Failed Cyber Security Assessment:

 

« How AI Will Define New Industries
UK Launches Cyber Attack On Islamic State »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CSIRT Malta

CSIRT Malta

CSIRT Malta supports critical infrastructure organisations in Malta on how to protect their information infrastructure assets and systems from cyber threats and incidents.

EmergIn Risk

EmergIn Risk

EmergIn Risk specializes in providing innovative insurance solutions for the global marketplace including solutions for complex Cyber Risks.

LiveVault

LiveVault

LiveVault delivers fully automated, turnkey, backup over the Internet or a private network connection for uninterrupted remote data protection.

SenseOn

SenseOn

SenseOn’s multiple threat-detection senses work together to detect malicious activity across an organisation’s entire digital estate, covering the gaps that single point solutions create.

Callsign

Callsign

Callsign’s mission is to seamlessly power the identification of every web, mobile and physical interaction.

US Secret Service

US Secret Service

The US Secret Service has a pivotal role in securing the nation’s critical infrastructures, specifically in the areas of cyber, banking and finance.

UltraSoC Technologies

UltraSoC Technologies

SecureStack

SecureStack

SecureStack helps software developers find security & scalability gaps in their web applications and offers ways to fix those gaps without forcing those developers to become security experts.

AlJammaz Technologies

AlJammaz Technologies

AlJammaz Technologies is the leading Technology Value-Added Distributor, which distributes advanced technology products, solutions and services in area including networking and cybersecurity.

Pires Investments

Pires Investments

Pires is building an investment portfolio of high-tech businesses across areas such as Artificial Intelligence, Internet of Things, Cyber Security and Augmented/Virtual Reality.

Elisity

Elisity

Elisity Cognitive Trust is a new security paradigm that combines Zero Trust Network Access and an AI-enabled Software Defined Perimeter.

PatchAdvisor

PatchAdvisor

PatchAdvisor core services include Vulnerability Assessments/Penetration Testing, Application Vulnerability Assessments, and Incident Response.

Prembly

Prembly

Prembly are a compliance and security infrastructure company.

TRM Labs

TRM Labs

TRM enables risk management and compliance for a global community of financial institutions, cryptocurrency businesses and government agencies.

Deepware

Deepware

Deepware is an emerging AI research company dedicated to exploring the potential of GenAI in both generation and detection.

Hive

Hive

Hive is a leading provider of cloud-based AI solutions to understand, search, and generate content, and is trusted by hundreds of the world's largest and most innovative organizations.