Few organisations have been placed under pressure as extreme over the past year as those working in healthcare. In many cases, this has been a catalyst for rapid digital transformation. Yet with healthcare organisations (HCOs) stretched to the limit, security gaps inevitably appear in systems that support life-saving work on the COVID-19 front line.
As 2020 showed, many cyber-criminals have no qualms about disrupting HCOs, and putting lives at risk, in order to extort victims with ransomware and data theft. To find out more on exactly how fast the pandemic is driving cloud adoption, and how well the sector understands its cybersecurity challenges, Trend Micro commissioned a global study of more than 2,500 IT decision makers in 28 countries across several industry sectors, including healthcare.
Virtual patching: why healthcare IT needs digital face masks
Complexity is everywhere in modern healthcare IT. It is defined by the curious blend of legacy and modern computing systems that power the NHS: from SaaS apps and cloud servers to remote working laptops and on-premises datacentres. This complexity creates security and compliance risk, particularly as all of those IT assets must be patched to protect them from cyber-threats. Doing so is easier said than done.
This is where virtual patching comes into its own. Think of the technology as a digital equivalent of the face masks providing life-saving protection to NHS staff every day. Virtual patching is low cost, non-invasive, easy-to-use and highly effective.
Over the past few days, one story in the US has threatened to overshadow even the race for the White House. A set of apparently coordinated ransomware attacks reportedly hit hundreds of hospitals, medical facilities and clinics. Although no warnings have thus far been issued by the National Cyber Security Centre (NCSC) or NHS Digital, UK hospitals should be alert to the malicious campaign potentially spreading their way, and of other attackers targeting medical facilities already stretched to the limit with the fight against COVID-19.
The good news is that by detecting the early warning signs including the presence of TrickBot and/or Emotet Trojans, healthcare organisations (HCOs) can mitigate the threat before it has a chance to make a major impact.
Many of us probably don’t know it yet, but already the Internet of Things is creeping into every corner of our lives. From connected cars to on-board sensors inside aircraft, wearable fitness bands to smart cities – the possibilities are almost limitless for this new computing paradigm. Healthcare is one industry which has taken to the IoT with gusto, especially in the States where investment in new technologies tends to be ahead of the UK. Yes, networked devices can dramatically improve healthcare outcomes and patient wellbeing. But the problem is that manufacturers just aren’t putting enough thought into security and privacy at the design phase.
The result? Products are rushed to market with major security vulnerabilities, as one new piece of research has just found. Presenting at DerbyCon last weekend, two researchers claimed to have found 68,000 exposed IoT devices at just one unnamed healthcare organization. Continue reading →