Cyber Attacks Focus On Healthcare

Uploaded on 2018-04-23 in BUSINESS-Services-Health & Welfare, FREE TO VIEW, NEWS-Cybersecurity News

Healthcare is now the most vulnerable industry to data breaches, with 328 breaches in 2017 alone (accounting for 60% percent of all breaches last year). The total estimated cost of these breaches reached $1.2 billion.

In 2017, we witnessed large-scale phishing attacks targeting health-care employees leading to the theft of patient data at both Morehead Memorial Hospital and Washington University School of Medicine.

In both attacks, phishing emails were used to obtain login credentials to staff members’ email accounts.

Later in the year, PII (personally identifiable information) of 18,470 patients at Henry Ford Health System in Detroit were exposed due to theft of credentials of a group of employees. The PII was protected using a single factor of authentication (a password) and encrypted at rest.

Through just these few examples, we can see that, despite the complexity of security technologies and investments like data encryption, and network and endpoint security, the most common and effective attack vector is still stolen user credentials. According to the 2017 Verizon Data Breach Report, 81% of data breaches are due to compromised or weak credentials.

Many of the organisations that understand this turn to two-factor authentication (2FA) to strengthen defense against stolen credentials. While simple 2FA helps raise an organisation’s security profile, many commonly deployed 2FA methods are insufficient to fully protect users and data and are easily circumvented.

On its own, 2FA will protect you some of the time but not all the time. Which is fine if you only want some of your organisation protected.

But it can be circumvented by attackers through:

  • Real-time phishing, which coerce a user into giving up their username, password, and one-time passcode by asking them to log into a phishing site or click a malicious link
  • SMS and voice call interception, where an attacker exploits the mobile carrier networks
  • Malware that uses malicious code to scrape SMS one-time passwords
  • Phone number porting fraud that uses social engineering methods to coerce a cellular company’s representative into issuing the attacker with a new SIM card or moving the victim’s phone number to a SIM card that the attacker already has
  • Out of band push-to-accept mechanisms, which essentially relies on bombarding an end-user to click ‘accept’ to make bothersome requests go away

Healthcare providers can strengthen authentication methods by adopting the following:

  1. Implement adaptive authentication and risk analysis, such as analysis of the user’s geographic location, device recognition, analysis of a user’s IP address, and applying machine learning to look for anomalous behavior of the user’s credentials. This provides the highest identity security without impacting user experience. Users are only burdened with an additional authentication step if risks are present. This validates authentic users, like doctors and nurses, while blocking attackers with compromised credentials.
  2. Phase out hard tokens to utilize self-service tools when possible while considering the total cost of ownership., Nurses, doctors and staff can access their data wherever they are through routine mechanisms by evolving to more modern authentication techniques that identify users through elements such as behavioral biometrics.
  3. Prioritise the most flexible solution with the most future potential instead of relying on a quick fix. Choose integration-friendly solutions that maximize existing security investments from a vendor who can be a partner in both security and EPCS & HIPAA compliance. Only then will you achieve an accurate holistic view of all security threats and save considerable effort in compliance audits.
  4. Provide the best possible user experience by building safeguards against human fallibility. By only requiring action when risk factors are high, teams balance security needs with user preferences. Utilize identity signifiers instead of passwords to empower physicians to access data and treat patients without having to call the help desk or initiate an online support ticket.

2FA is not strong enough to protect against even unsophisticated cyber-attacks. Clearly, busy healthcare workers need secure solutions that don’t inconvenience them as they tend to time-sensitive patient problems.

IT decision makers in the health services and patient care industry should strongly reassess their approach to authentication in order to keep their data and organisation out of the cybercrime spotlight.

InfoSecurity Magazine:   Image: Nick Youngson

You Might Also Read: 

Fixing Hacks Has A Deadly Impact On Hospitals:

NHS Trusts Failed Cyber Security Assessment:

 

« How AI Will Define New Industries
UK Launches Cyber Attack On Islamic State »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ZDL Group

ZDL Group

At ZDL (formerly ZeroDayLab) we take a comprehensive view of our clients cyber security risks and provide quality services to address those risk

CNCERT/CC

CNCERT/CC

CNCERT is the national Computer Network Emergency Response Technical Team / Coordination Center of China.

Heimdal Security

Heimdal Security

Heimdal Security provides proactive protection against cyber threats including ransomware, exploit kits and financial malware.

Trust in Digital Life (TDL)

Trust in Digital Life (TDL)

TDL is a membership association comprising companies, SMEs, universities and research institutes who exchange experience and insights to make digital services in Europe trustworthy and safe.

GuardKnox

GuardKnox

GuardKnox protects the users of connected vehicles against threats that can endanger their physical safety and the safety of their personal information.

Silverskin Information Security

Silverskin Information Security

Silverskin is a cyber attack company that specializes in having knowledge of the attacker's mindset to identify vulnerabilities and build effective and persistent defences.

Stealthcare

Stealthcare

Stealthcare is a full service, global cyber security firm offering solutions that educate, empower and protect.

Kleiner Perkins

Kleiner Perkins

For five decades, Kleiner Perkins has made history by partnering with some of the most ingenious and forward-thinking founders in technology and life sciences.

Sequoia Capital

Sequoia Capital

Sequoia Capital is a venture capital firm focused mainly on technology. We partner both with young companies finding their stride and established ones looking for growth.

BTblock

BTblock

Blockchain and cybersecurity is a vital combination for Enterprise success. BTblock is a Force Multiplier for its clients.

Splone

Splone

Splone is a Berlin-based IT security research team and consultancy. We help improve IT-security by offering red team assements, penetration tests, audits and customized consulting.

Liberty Mutual

Liberty Mutual

Liberty Specialty Markets offers specialty and commercial insurance and reinsurance products, including Cyber, across the USA, Europe, Middle East and other international locations.

Beyond Encryption

Beyond Encryption

Mailock by Beyond Encryption is a secure email solution that allows businesses to exchange email securely, safe in the knowledge that their email can only be read by their intended recipient.

HashDit

HashDit

HashDit products and services focus on helping build a safe ecosystem for both protocol users and smart contract developers on BNB Chain.

XONA Systems

XONA Systems

XONA is The Zero Trust user access platform for the OT enterprise. Secure operational access to critical systems - from anywhere.

Norwegian Data Protection Authority (Datatilsynet)

Norwegian Data Protection Authority (Datatilsynet)

The Norwegian Data Protection Authority (Datatilsynet) is the national data protection authority for Norway.