
Preparing for the Fight: Best Practices for Healthcare IT and Security Teams

  • Posted on: January 15, 2015
  • Posted in: Security
  • Posted by: JD Sherry (VP, Technology and Solutions)

Every healthcare/hospital administrator’s worst nightmare was realized earlier this year when hospital operator Community Health Systems (CHS) revealed it had suffered a major data breach. The 29-state provider claimed it had been the victim of an Advanced Persistent Threat (APT) originating from China. It later emerged that sensitive information of around 4.5 million patients was exposed.

So what can the attack tell us about the cyber threats facing healthcare organizations today, and how can they better defend themselves?

A cautionary tale

First up, let’s get things clear: CHS wasn’t the first healthcare provider to be attacked in this way, and it certainly won’t be the last. In fact, according to an ISACA APT awareness study last year, nearly two-thirds (63 percent) of information security professionals believe it is only a matter of time before their organization is targeted.

Why? Because the means to launch such attacks are going mainstream. Exploit kits are available on the criminal underground for as little as $120 apiece. In addition, flaws are widespread in all sorts of software today. Vulnerability alert firm Secunia claims we’ll see a 40 percent increase in them this year – the biggest rise in at least five years. Then there’s social engineering. If anything, the pace and pressures of a modern workplace – especially a hospital – make it increasingly likely that staff will be tricked into clicking on a malicious link or opening an attachment loaded with malware. Additionally, we can’t discount the risk of insider threats.

This is what happened to CHS, with hackers gaining network access by exploiting the notorious Heartbleed vulnerability, which had been left unpatched. Healthcare IT workers typically have a wide variety of disparate systems to maintain, and the challenge of coordinating patches for each component in a timely manner often leaves security gaps. It doesn’t help that Windows XP, for which no patches are now available, is still the preferred OS of 15-20 percent of hospitals globally.

An advanced, persistent response

While the majority of cyber attacks require little skill to execute, they do require an advanced, persistent response – a coordinated and well-resourced response combining advanced detection and threat prevention tools and techniques with improved staff training. With the average cost of a targeted attack now $5.9m, according to Ponemon, the advanced planning and investment will be worth it.

Here are three elements which should be key pillars of your advanced response:

Virtual patching: In dynamic virtual environments, VMs are provisioned and deprovisioned all the time, but often come online without up-to-date security enabled, leaving potentially serious security holes. Virtual patching will eradicate these “instant-on” gaps, reducing risk without impacting the quality of care or services. Automation of the patch lifecycle must be a priority to keep pace with today’s dynamic IT/security environment.

Transparency: Without good visibility into your environment and the targeted attacks heading your way, you’ll be flying blind. Use advanced breach detection methods – including file integrity monitoring and log scanning – coupled with global threat intelligence leveraging big data and analysis of attacks focused on the healthcare sector.

Increased training and education: Staff not only need help to spot spearphishing attempts hitting their inbox, but specialist IT teams must also improve their ability to handle cybersecurity events and incidents. This educational program should include certified incident handler accreditation as well as frequent table-top exercises demonstrating advanced cyber attacks.

 
