Anatomy of a hospital cybersecurity attack

September 12, 2018
Health IT Risk Management
By Mike Kijewski

Security is the collective responsibility of all players in a healthcare delivery organization (HDO), from vendors and third parties to threat intelligence-sharing platforms.

What makes healthcare, and particularly hospitals, a popular target?



● Highly valuable data – the volume of personal health information and financial details stored, combined with the sensitive nature of that data, nearly all of which is governed by government regulations
● Lack of IT investment and training – healthcare is noted to have the lowest confidence in endpoint security, with 72 percent of participants feeling they are not up to the job of protecting endpoints from exploitation
● Highly connected systems – the scale of the IT infrastructure, overlapping systems, Bluetooth/wireless-connected devices and data constantly in transit increase the size of the threat landscape

According to the Ponemon Institute, this is the seventh year in which healthcare data breaches have cost the most, estimated at more than 2.5 times the cost of similar attacks in other industries.

To best defend against increasingly sophisticated cyber threats, we assess the threat landscape of an HDO, typical threats and better practices in preparing for a breach.

Assuming the reality of an HDO includes overlapping systems, lingering legacy systems and connected medical devices, it is easy to conclude HDOs and medical device vendors are faced with securing a complicated array of endpoints. With an increasing number of devices connecting to HDO networks, each endpoint presents a possible entry point from which a malicious actor could launch an attack.

Criminals are sophisticated, but they also rely on probability. The more endpoints targeted, the higher the likelihood of finding an entry point. A recent review of all medical device disclosures identified a 400 percent increase quarter over quarter, with a prediction that the trend will increase. Whenever an endpoint connects or a user runs software that is unpatched or out of date, the threat surface expands.

The common phases of hacking (recon, discovery, exploitation, evil, persistence and movement) have identified the biggest threats to endpoints, outlined below:
