From cash-hungry hackers to state-sponsored spies and careless insiders, there’s no shortage of cyber threats facing healthcare organizations (HCOs) today. At Trend Micro, we’ve been protecting organizations operating in the industry for years, but the challenges facing these customers show no signs of abating. In fact, figures from the US Department of Health and Human Services (HHS) put the number of recorded breaches in 2016 at more than 320; linked to the theft of more than 16 million records.
That’s why we’ve been showing our support at the HITRUST 2017 annual conference this week. HITRUST is doing fantastic work to help improve the cybersecurity posture of smaller HCOs which typically have fewer resources to throw at the problem – by providing low-cost tools and improving threat intelligence gathering and information sharing.
Healthcare organizations are keen to leverage the benefits of digital transformation to improve patient care and make themselves more cost effective. But new cloud, mobile and IoT technologies also open up cybersecurity gaps which cyber threat actors are ready and waiting to exploit. As Trend Micro explained in a February report, Cybercrime and Other Threats Faced by the Healthcare Industry, Electronic Health Records (EHRs) are increasingly popular in cybercriminal undergrounds. They typically contain protected health information (PHI), which have a long shelf life and can be used in a wide range of follow-on fraud scams, making them particularly lucrative fare. That’s why a complete EHR database can sell for as much as $500,000.
That’s not to mention the risks facing HCOs from ransomware, as cybercriminals look to target organizations with the most to lose from an IT outage. The Hollywood Presbyterian Medical Center was the first to publicly admit paying up in such a case – to the tune of $17,000. Unfortunately, that case was the first of far too many.
Fighting back with HITRUST
These challenges make the work of HITRUST and organizations like it all the more important. HITRUST runs CyberAid, a first-of-its-kind initiative designed to put high quality security tools and support in the hands of physician practices with fewer than 75 employees. Thanks to a partnership with Trend Micro this is already proving a great success: For example, between October and November 2016, each CyberAid participant was protected on average from 364 threats.
However, that’s not all. At the HITRUST 2017 event, attendees heard about the Cyber Threat XChange (CTX); an initiative designed to accelerate the detection of and response to cyber threats targeting HCOs. How does it do this? By automating the collection and analysis of cyber threats while digitally distributing actionable indicators which HCOs can use to improve their cyber defenses.
A two-week pilot in April returned some impressive results: more than 2,300 IoCs including email-borne ransomware, C&C callbacks and much more.
At the same event, I spoke of the importance of blended threat prevention in helping HCOs improve their cybersecurity, from the first line of defense provided by messaging and web security gateways; to network-based breach detection systems and IPS; physical, virtual and cloud security; and integrated endpoint security.
But I also highlighted the importance of industry partnerships, like the ones we have with HITRUST, in helping to raise security standards and share information for the good of all stakeholders. We’re thrilled that Trend Micro’s hybrid Unified Threat Management (UTM) appliance, Cloud Edge and endpoint security SaaS, Worry Free Services were the first products to be approved for the CyberAid program, and our Deep Discovery Inspector is the backbone in threat intelligence collection and analysis for the Enhanced HITRUST CTX.
Cyber threat actors will never let up, so neither should we. Here’s to many more successful partnerships and initiatives going forward.