The healthcare industry must recognize the significance of cybersecurity in healthcare.
In the last two years, the Indian healthcare industry has seen a spike in the use of technologies such as IoT/IoMT and Cloud. The Medtech sector, in particular, has witnessed great demand as disruptive technologies such as AI/ML, Next Generation Sequencing (NGS), Cloud Computing, and better imaging have grown in importance in improving healthcare delivery. This is unsurprising given that India already has over 4,000 health tech start-ups, which will accelerate the domain’s growth. However, if Indian health tech businesses aspire to address patient needs through innovation, cybersecurity must come second.
Candy Hospital and Utkarsh Scans in Mumbai experienced one of India’s worst data breaches in 2020. Approximately one million medical records and 107 million associated medical images of Indian patients, including X-rays and scans, were openly available on the internet. Given the sensitivity of healthcare data, the healthcare industry as a whole must recognize the significance of cybersecurity in healthcare services. If a bad actor acquires sensitive data, such as a victim’s health and treatment history or biometric information, they may use it to launch major cyber threats, such as phishing and social engineering attacks, against that victim.
The development of medical and internet-connected devices has brought medical benefits as well as security risks. If an average hospital room has 15-20 devices, one can picture the amount of crucial data exchanged and stored daily. Former US Vice President Dick Cheney said in 2013 that his physicians had deactivated the wireless capability on his pacemaker because national security authorities were concerned that terrorists might hack into the device.
The difficulty with medical device security is that teams are often focused on well-known business assets. Asset inventory agents and network discovery scans, for example, do not function on unmanaged devices and do not find temporary devices. Aside from asset visibility, each medical device has its own basic security concerns, such as running on a proprietary operating system (OS) with an inadequate security architecture, or being vendor-certified, which makes it impossible to install fixes.
Because of the development of IoT and IoMT devices, threat actors’ tools and strategies for hacking them have become more sophisticated. As a result, health tech providers are working harder than ever to get additional equipment. However, the business is beset by more than simply weak security systems; greater risks lurk.
According to an industry estimate, India ranks 10th globally in terms of ransomware attacks and second in the APAC region as of 2022. Ransomware is the preferred attack tactic against healthcare businesses, which account for more than one-fifth of all ransomware cases seen by our threat intelligence arm, Unit 42, globally. Hackers typically attempt to exploit any weakness to get access to an organization.
The most effective way to deal with ransomware attacks is to take a preventative approach. Steps must be taken right now to prevent these attacks from ever infiltrating your business. The attack surface of a firm expands proportionally to the number of applications and services it requires to function. Reducing the attack surface is critical to preventing such threats. Full visibility of network traffic across apps, threats, and user behavior is required to limit this attack surface. With this visibility, one may take steps such as blocking unknown traffic, detecting sophisticated attacks, or simply enabling only apps with legitimate business purposes.
Following the reduction of the attack surface, the next stage is to block recognized threats. To do this, one must prevent known exploits, malware, and command-and-control communications from accessing the network. Once those are neutralized, the cost of carrying out an attack grows, reducing its likelihood by driving attackers to design new malware versions and execute new attacks. As attackers continue to adapt and build new ransomware variations, it is critical to recognize and fight these new attacks.
Business Email Compromise (BEC) attacks are the second most common cyber threat to the Indian healthcare industry. Fraudulent wire transfer requests, spam or phishing emails sent from one’s own domain, and missing or deleted emails are all examples of BEC attacks. All of these are indications of unauthorized access to your email systems. A BEC attack on Christie Business Holdings Company, the entity behind Christie Clinic in Illinois, USA, was one of the largest data breaches documented in 2022.
Multi-factor authentication (MFA) is critical for preventing BEC attacks, but it is only one component of a holistic approach. Educating end users about phishing schemes, whether they are employees or customers, is crucial in averting such attacks. Furthermore, maintaining good cyber-hygiene around MFA, such as using an OTP application (such as Google Authenticator) and manually typing the code it generates, reduces the likelihood of a user accepting unauthorized MFA requests in the event of brute-forcing or stolen credentials.
In essence, the sector has to take a proactive, rather than a reactive, approach to cybersecurity. While health tech providers must shift security left and make it a major function of the development process, healthcare organizations must consider establishing strong network perimeters and operating with a security-first mindset in everyday operations.