Healthcare IT continues to be a poster child for enterprise security at large. Infosecurity Magazine reported that healthcare data breaches rose 63% over the prior year. It's clear that health care is a common target for cybercriminals, but in what specific areas of health care do they find the most success?
1. Data in Transit
It comes as no surprise that sensitive information is one of the greatest draws of malicious hacking. Healthcare organizations, as it turns out, are rife with it. From X-rays and imaging to electronic health records (EHR) and billing, the healthcare industry relies heavily on the transmission of critical data.
Unfortunately, with so many moving parts and unique departments that need access to this information, managing security can be troublesome. Without a unified way to secure and transmit information regardless of source or destination, this data becomes potentially vulnerable to mishandling as multiple departments and users touch the data using different means of security. The result is users with incorrect access or data sent in an unsecured/unencrypted form. In other words, a hacker's dream come true.
2. Data at Rest
While data sent through the network unprotected is ripe for the picking from network sniffers, critical healthcare data that comes to rest in plain sight can be equally vulnerable. Hackers often don't have the luxury of time or inside knowledge to go directly to vulnerable systems. Instead, they simply use a "smash and grab" technique in which data is gobbled up regardless of location and form until the vector of attack is discovered and shut down.
As such, healthcare data security must encompass all data, at all times. Even healthcare organizations with facilities in geographically diverse areas must become united on a data security solution to prevent data vulnerability at rest. This includes a centralized way to encrypt data and manage access across all users and environments.
3. Data Users
Data in motion and at rest has a common, albeit passive enemy. The users that access and process it. When it comes to the healthcare industry, this aspect of security can be especially complex. Multiple data sources fed by distinct vendors leads to a variety of unique systems. Given the need for users to often have access to more than one system, it's easy to see how mistakes are made.
The two main tension points caused by data users are negligence and outdated permission. Hackers can hijack outdated accounts or those with weak authentication methods to gain access to the system. When it comes to negligence, the fast-paced world of health care can lead to data that's sent to the wrong recipient or left in an unprotected state. To combat these vulnerabilities, a way to centrally manage data users and their security must be deployed.
4. Outside Users
Not many industries have such an influx of customers in proximity to critical data. The unique circumstances that hospitals deal with every day could be likened to a hotel that also placed a computer with each patron's billing information in every room.
This presents a unique opportunity for social engineering since access points are spread throughout a facility. The sheer number of legitimate users and the distinct units they belong to only complicate this issue and make it difficult for users to truly know if a person is who they say they are.
5. Reliance on Network Connectivity
As ransomware continues to thrive as a form of cyberattack, industries that rely heavily on network access for basic business processes can be especially vulnerable. Healthcare is one such industry.
A November 2016 article published by Health Data Management discusses the unique relationship of ransomware and volumetric DDoS attacks. They found that healthcare's especially sensitive data and network requirements make it a prime target for network crippling DDoS attacks and ransomware injections.