Posts Tagged ‘cyber attack’

Guest Post: Rethinking Healthcare Cybersecurity by Focusing on the Attacker, not the Attack

October 4th, 2018 by Ofer Israeli

Why are healthcare systems so challenging to secure? What is driving this complexity. How might we rethink our approach?

Healthcare systems, like all digital networks today are increasingly inter-connected and consumer-driven. The digital transformation necessary to make them agile, also renders them easy targets for data and identity theft, insurance fraud, and other forms of cybercrime. As the recent spate of ransomware has shown, cyberattacks on healthcare institutions also disrupt vital services and risk patient safety.

Beyond the health organization’s core staff, a wide variety of guests, students, visitors, patients, maintenance workers and others have direct physical access to healthcare systems and devices. Temporary workers and contractors require access to sensitive systems while employed. External interconnection of these systems with universities, research partners, and other remote services further mitigates the effectiveness of perimeter and access security controls. Higher and thicker security walls will not support the organization’s need to break down barriers, share information, and increase patient access.

Clearly, a new approach is required. If we cannot stop attacks, then we must stop the attackers. This is not a semantic nuance. The key to protecting healthcare systems in the future will be to transform our thinking—from a focus on defending ourselves from an infinitely expanding phalanx of attacks and attack vectors, to instead focus on disrupting the attack process itself regardless of attack style or source. We must stop the attackers.

As difficult as that might sound at first blush, there is, in fact, a silver bullet that will disrupt the vast majority of attacks. Malicious actors targeting healthcare systems all share a common trait that makes them vulnerable to disruption and detection. Regardless of how they enter a healthcare network, or what their intent, attackers must move laterally across the healthcare network to access their target applications, devices, systems, and data. To move undetected, they must gather intelligence about the environment and make careful decisions regarding their attack path.

The key then, quite simply, is to disrupt the attacker’s decision-making process—to blind and befuddle them so that they cannot progress their attack. Done well, cyber deception technology disrupts the attacker’s intelligence gathering process, and destroys their ability to make accurate decisions, by flooding the attack plane with false and misleading data. Similar in effect to evasive maneuvers used in aerial combat such as disgorging flak, disrupting radar, and disorienting GPS signals, these new technologies destroy the attacker’s ability to navigate, and ensure they are detected by any movement they do decide to make.

The challenges of securing healthcare systems will continue to grow as attackers, and their tools, methods, and infrastructure, become more sophisticated and diverse. Just as digital transformation is improving efficiency and patient outcomes, the traditional security mindset must be transformed to a modern security mindset. To protect these new system architectures, we must refocus our efforts from defending against attacks to disrupting the attack process itself. Deception offers a promising path forward in this direction.

Ofer Israeli

Ofer Israeli

About the Author: Ofer Israeli, founder and CEO of Illusive Networks, pioneered deception-based cybersecurity. He leads the company at the forefront of the next evolution of cyber defense. Prior to establishing Illusive Networks, Mr. Israeli managed development teams based around the globe at Israel’s seminal cybersecurity company Check Point Software Technologies and was a research assistant in the Atom Chip Lab focusing on theoretical Quantum Mechanics.

Infographic: Healthcare Cyber Security Threat Prognosis

August 24th, 2016 by Melanie Matthews

The 10 largest healthcare cyber attacks of 2015 affected over 100 million records, valued at up to $154 per record breached, according to a new infographic by FireEye.

The infographic examines the depth of the healthcare cyber security threat, why the healthcare industry is a top target for cyber crime and the potential cost to healthcare organizations of a security breach.

Healthcare Trends & Forecasts in 2016: Performance Expectations for the Healthcare IndustryFrom cost pressures, consumerism and consolidation to a proliferation of patient-centered, value-based delivery and payment models, the state of healthcare continues to challenge organizations in the industry.

Healthcare Trends & Forecasts in 2016: Performance Expectations for the Healthcare Industry, HIN’s 12th annual business forecast, pins down the trends destined to impact the industry in the year to come and proposes tactics C-suite executives can employ to distinguish their operations in a dynamic marketplace. Click here for more information.

Get the latest healthcare infographics delivered to your e-inbox with Eye on Infographics, a bi-weekly, e-newsletter digest of visual healthcare data. Click here to sign up today.

Have an infographic you’d like featured on our site? Click here for submission guidelines.

Guest Post: 5 Ways to Protect Against Cyber Attacks

February 23rd, 2016 by Salim Hafid, product marketing manager, Bitglass

Cyber attacks like the recent hack of Hollywood Presbyterian Medical Center are on the rise.

Editor’s Note: Could the Hollywood hack happen to your organization?

The event had all the hallmarks of a Hollywood blockbuster, but this month’s assault by a hacker on Hollywood Presbyterian Medical Center (HPMC) was frighteningly real. The malware attack locked access to certain computer systems and prevented the medical center from sharing communications electronically, according to a statement by Allen Stefanek, President & CEO. The medical center paid the requested ransom—40 Bitcoins, equal to approximately $17,000—and restored its electronic medical record (EMR) system. There is no evidence at this time that any patient or employee information was subject to unauthorized access, Stefanek said in his statement.

The HPMC hack is only the latest cyber attack to plague the industry. In this guest blog post, Salim Hafid, product marketing manager for Bitglass, suggests ways organizations can safeguard themselves against these damaging events.

Data breaches in 2015 resulted in a massive 113 million leaked records nationwide, up from 12 million in 2014, according to Bitglass’ Healthcare Breach Report. This means that one in three Americans’ personal information was leaked as a result of cyber attacks. The increase suggests that hackers are increasingly targeting medical records, which contain a trove of valuable information including addresses, Social Security numbers, and patients’ medical history. As hackers become more sophisticated, IT must take steps to secure data both in the cloud and across all employee devices.

Given the rising threat of cyber attacks, healthcare organizations must be proactive when it comes to securing corporate data. Here are five ways IT can both protect healthcare data in the cloud and limit the risk of a large-scale breach:

1. Control access.

Cloud applications have made file-sharing and access to data easier than ever, but for all the flexibility these apps offer, there are risks to sharing files with unsecured, unmanaged devices outside the corporate network. Granular access controls are a critical piece of the security puzzle in that organizations need the ability to limit access in certain risky contexts. In the case of the Anthem breach for example—in which phished credentials were used in China, resulting in 78.8 million leaked records—access controls would have limited the damage.

2. Encrypt, track, protect.

The most sensitive data in an organization is often the most valuable to hackers. Files with customer Social Security numbers, addresses, and medical claims information are the targets of large-scale breaches. To secure data, IT needs a means to identify the files that contain sensitive content and apply Data Loss Prevention (DLP) to those files. Contextual DLP solutions enable IT administrators to distinguish between devices and set policies to encrypt, apply watermarks to track data, or even wrap files with digital rights management (DRM).

3. Secure BYOD.

As demand for bring-your-own-device (BYOD) in healthcare rises, organizations need to protect data on unmanaged devices without impeding user privacy. What is critical here is control over data as it travels to the end-user’s device and data that resides on the device itself. With features like selective wipe and native mail access, organizations can encourage adoption of BYOD while still protecting data and maintaining HIPAA compliance on these unmanaged devices.

4. Quickly identify potential breaches.

As healthcare organizations are now more likely to be targeted by hackers than ever before, IT needs the ability to quickly identify suspicious traffic and be alerted to potential risks. Administrators can leverage tools like cloud access security brokers to act on that information and limit sharing using the aforementioned access control capabilities.

5. Improve authentication.

Major breaches like Anthem and Premera, coupled with the low rate of single sign-on adoption across the healthcare industry, highlight the need for a more secure means of authenticating users. With an integrated identity solution, organizations can maintain control over the key access points to their data and can easily manage user account credentials with tools like Active Directory. Industry standards like single sign-on, multi-factor authentication, and single-use passwords can also help minimize risk of breaches due to stolen credentials.

These are just a few of the many ways healthcare organizations can better secure corporate data in public cloud applications like Google Apps, Box, and Office 365. In light of the massive year-on-year increase in breaches, securing healthcare data has never been more critical. Healthcare organizations need a HIPAA-compliant, comprehensive, data-centric solution that provides complete control and visibility over protected health information (PHI), a means of securely authenticating users, and BYOD security.

Download the Bitglass Healthcare Breach Report for more on the key capabilities necessary to protect healthcare data in the cloud and achieve compliance.

About Bitglass: In a world of cloud applications and mobile devices, IT must secure corporate data that resides on third-party servers and travels over third-party networks to employee-owned mobile devices. Existing security technologies are simply not suited to solving this task, since they were developed to secure the corporate network perimeter. The Bitglass Cloud Access Security Broker solution transcends the network perimeter to deliver total data protection for the enterprise—in the cloud, on mobile devices and anywhere on the Internet. For more information, visit

HIN Disclaimer: The opinions, representations and statements made within this guest article are those of the author and not of the Healthcare Intelligence Network as a whole. Any copyright remains with the author and any liability with regard to infringement of intellectual property rights remain with them. The company accepts no liability for any errors, omissions or representations.