• 512-991-7197
  • This email address is being protected from spambots. You need JavaScript enabled to view it.
  • Always Open
Despite Efforts, Healthcare Security Threats Continue to Rise

Despite Efforts, Healthcare Security Threats Continue to Rise


Star InactiveStar InactiveStar InactiveStar InactiveStar Inactive
 

Recent data from the U.S. Department of Health and Human Services backs up this data, finding that healthcare organizations experienced more than 400 cyber incidents in the past two years. These included incidents of hacking, unauthorized access or disclosure, theft and loss. The problems are so bad that the HHS Health Care Industry Cybersecurity Task Force in 2017 said the industry’s cybersecurity was in “critical condition”.

The Kaspersky report found that one of the most prevalent types of hacking is ransomware. According to the report, 27 percent of healthcare employees in North America say their organizations have experienced a ransomware attack in the past year. What’s more, the vast majority of organizations that have experienced one ransomware incident admit to having experienced more—as many as five during a one-year period.

There are many reasons for the industry’s abysmal record in prevent cyberattacks. The Coalfire report found numerous incidents of unpatched software, misconfiguration, insecure protocols, unsupported connected devices and password flaws. It also found that many healthcare organizations don’t have enough money or staff to combat cyberattacks effectively.

In general, healthcare organizations are attractive targets for cybercriminals, but healthcare organizations are making it easier than it should be, according to Rob Cataldo, a vice president at Kaspersky Lab.

“As more healthcare breaches make news headlines every week, the more aware cybercriminals have become that organizations in the healthcare industry are not as secure as we’d all like to think,” he said. “Many of these organizations are leaving themselves vulnerable by continuing to use legacy technology systems, often leaving systems unpatched and insecure.”

One of the biggest problems is that healthcare organizations don’t seem to be learning from their mistakes, with many experiencing multiple attacks. In many cases, following the first attack, cybercriminals will create variations of cyber threats and resend them to the healthcare organization, either to avoid any barriers that prevented their initial attack from being successful or to take advantage of reconnaissance details gathered during the initial infiltration, Cataldo said.

To help healthcare organizations improve their cybersecurity defenses, HHS recently released a publication with a list of voluntary steps to help stem e-mail phishing attacks; ransomware; loss or theft of equipment or data; and insider, accidental or intentional data loss.

It’s also critical for IT teams to regularly update operating systems on all devices in the network with the latest patches and regularly back up important information stored in all locations. And they should ensure that new enterprise security solutions include dedicated anti-ransomware technologies. If faced with a new threat, some of these solutions can protect data by rolling back any changes made by the malware.

Finally, keep awareness high.

“Organizations should continuously raise employee awareness about modern cyber threats and attack methods,” Cataldo recommends. “Training and informing employees of IT security protocols and constantly communicating these through reminders can have a positive impact on preventing social engineering methods from spreading ransomware.”



© 2019 Austin Laptop [AustinLaptop.Com]. All Rights Reserved.