Attacks on Healthcare IT and Counter Measures

E-mail Print PDF


cyber-attack-artThe healthcare industry, like most industries in today’s business world, depends mainly on IT systems to carry out operations, record different data and process financial transactions. And as the reliance on those IT systems increases, the risk of the data stored and processed using these systems to be intercepted by criminals and misused has also increased greatly.

In the past three years, many studies have shown that the healthcare industry has faced a major increase in cyber attacks although securing the systems has become the main focus of the efforts of both IT and healthcare providers. However, the percentage and extent of the attacks are on a rise, that is why it is essential for both the healthcare and IT providers to identify the main targets being attacked by the cyber criminals and for ways to secure the entry points of such attacks instead of just increasing the secure measures in general.

An annual investigation of security breaches is conducted by Verizon on the systems of various industries to determine the vulnerabilities of such systems and the main areas targeted by the criminals. In 2012, Verizon conducted the investigation on healthcare industry systems. The detailed study can be downloaded here.  It is also to be noted here that the healthcare industry has become one of the highest industries experiencing security breaches and data theft.

The study showed that the small to medium-size category of healthcare providers were attacked the most mainly because their systems are usually less secure than the larger organizations. The main concern of the study was that healthcare providers need to understand that the reason criminals attack their systems is not to get patient medical data but rather to obtain information that they can use to make financial gain,like social security numbers and data recorded in financial transactions.
The attacks on the healthcare organizations included in the study were mainly caused by external threats, some internal threats occurred due to stolen laptops and mobile devices, but the major security breaches were caused by outside perpetrators.93% of the attacks were carried out using malware and hacking techniques. The attackers gained access to the systems using easily guessable or default passwords, back doors to the organizations’ systems, using brute force attacks (trying out a “dictionary” of possible usernames and passwords), stealing log in information with spyware, tricking employees into installing malware on the computers to use in stealing information and sending it to a remote site.

Verizon analyzed the main areas targeted by attackers which may be either the less secure points in a system or the places where the data sought are stored or processed. The most common targets were the Point of Sale (POS) terminals and servers, desktops and workstations and storage systems. The POS terminals and servers were the most common targets, attacked 64% and 48% of the total number of security breaches analyzed, respectively. The reason that these points were attacked the most is that financial and insurance information are entered, processed and stored using these terminals, which the attackers can use to assume medical identities and make financial gain. Desktops and workstations were attacked in 38% of the security breaches,where the criminals trick organization employees into installing malware and spyware on their computers by downloading software or clicking on malicious links.Storage systems are also valuable to criminals,although they were attacked the least, because they contain medical and financial information that could be useful to them.

After analyzing the vulnerable points and main points of entry that criminals target to attack healthcare organizations, the study states that although no single set of recommendations can be formulated in order to prevent cyber attacks as each organization is different so its IT team should assess the weaknesses and identify the major threats that could be attacked, the study made some recommendations in order to help healthcare organizations in protecting themselves against potential cyber attacks.

Verizon recommended that administrative passwords should be changed constantly on all POS systems as hackers always scan the internet for easy passwords, it is also advisable to avoid using POS computers to access the internet. Another recommendation is to implement a firewall or access control list on remote access / administration services in order to prevent hackers from gaining access into the system and ensure that the POS is a PCI DSS-compliant application which would increase the security around card holder data to reduce credit card fraud via exposure of data. If any of the organization’s security systems or POS terminals and servers are managed by a third party, the healthcare organization should make sure that the appropriate security measures are maintained by the third party.

And due to the seriousness of the issue of cyber attacks on the healthcare industry, it is important to mention another study that discusses the vulnerability of the US healthcare system and the recommendations that can help healthcare organizations in guarding themselves against such threats. This paper is published in detail on this page.

The authors of the paper, Mr. David Harries and Dr. Peter Yellowless, discussed prevention steps on a more strategic level to be adopted by large as well as small healthcare organizations each according to their needs and security vulnerabilities. The six guidelines mentioned by the authors are performing regular security assessments to determine any security gaps, installing and maintaining intrusion detection and prevention services that can detect and block cyber attackers, installing a data loss prevention solution that checks for leakage of information, keeping audit logs to track access to sensitive patient data, regular testing of web security and mandating encryption of software for mobile devices, laptops, portable storage and backup tapes.

As healthcare systems become more complicated with different functionalities and connected to various other systems and related parties, the threats to the financial and medical data going through these channels become more serious, thus it is the duty of every organization to take all precautions and measures to keep its systems and data secure from such malicious threats.

These signals are relayed buying clomid online safe which then is by a number of such as medial preoptic and paraventricular nulcei.