
    Defending the NHS from cyber-attacks in 2022

    2022 presents many challenges for healthcare, from quashing obesity to duelling with the COVID-19 pandemic, and cybersecurity is another battle. It's no exaggeration that protecting healthcare organisations from cyber-attacks can be a matter of life and death.

    The WannaCry global ransomware attack, which affected 80 hospital trusts and 595 GP practices across England, was arguably the first major wake-up call to healthcare providers. 

    Although not specifically aimed at the NHS, it resulted in the cancellation of thousands of operations and appointments, reducing staff to using pen and paper or their own mobiles and laptops. 

    Critical medical devices and equipment – such as MRI scanners and blood test analysis devices – were also affected. Since then, there has been a widespread view that the NHS is vulnerable to other serious attacks. As the Chief Information Officer of the health and social care system, William Smart, said in a review of the incident:

    “This disruption to patient care has made it even clearer how dependent the NHS is on information technology and, as a result, the need for security improvements to be made across the service… WannaCry has made clear the need for the NHS to step up efforts with cyber security so that every possible protection is taken to defend against a future attack.”  

    Rather than impose a ‘one-size-fits-all’ top-down solution, Smart said the answer lay in proportionate measures for individual trusts and organisations to implement. The review found that most trusts that were assessed needed to upgrade firewalls, improve network resilience and segmentation, improve device security through device replacement and automation of patch management, and improve anti-virus protection.  

    More recent high-profile attacks affecting the healthcare sector include:  

    • In May 2021, Ireland’s Health and Safety Executive was hit with a malware attack by the hacking group Conti, which claimed to have stolen 700GB of patient data, disabling many computers and devices 
    • An attack in New Zealand in May 2021, which disabled the information systems of five different hospitals 
    • In September 2020, some 400 hospitals and healthcare facilities in the United States and UK lost access to patient records, resulting in delayed patient care and ambulances being rerouted, with the disruption lasting three weeks 
    • An attack in October 2021 on the Hillel Yaffe Medical Centre in Hadera, Israel, where some patients had to be diverted to alternative facilities, according to local media

    In addition, the FIN12 cybercriminal group deploying Ryuk ransomware was responsible for around 20% of all ransomware intrusions responded to by Mandiant [2] in the past 12 months, with the healthcare sector being “disproportionately impacted”. According to a new study [3], 81% of UK healthcare organisations suffered a ransomware attack in the past year, with 64% saying they had to cancel face-to-face appointments because of an attack, while 65% believe that a cyber-attack on their systems could lead to a loss of life. Worryingly, in the third quarter of 2021 there was a 30% increase in attacks on the healthcare sector, compared to the previous three-month period.

    What can be done to guard healthcare organisations against cyber attacks?

    If they find they are unable to commit as much resource as needed to defend against cybercrime, NHS trusts and other healthcare organisations are advised to consider outsourcing to a managed security service provider (MSSP).

    A reputable MSSP can provide 24/7 security from full-time experts at a lower cost than in-house resources, providing a much faster threat response. But MSSPs offering services to healthcare organisations have to be able to create a bespoke security system that responds to the healthcare workflow and prioritises patient care. 

    Reducing the vulnerability of healthcare organisations to cyber-attacks must take a multi-angled approach, with the basics including: 

    1. Carry out staff awareness training on phishing, malicious email and social engineering 
    2. Regularly back up files from a known safe state and ensure they are stored offline
    3. Use a Security Information and Event Management (SIEM) system to increase log retention and availability 
    4. Use an EDR (Endpoint Detection & Response) solution with tamper protection to allow for containment and eradication of active threats
    5. Create strong access controls and network segmentation for confidential patient and organisational data 
    6. Use multi-factor authentication for all remote access via the internet 

    With thanks to HealthcareGlobal.com. The full story is here: https://healthcareglobal.com/hospitals/defending-the-nhs-from-cyber-attacks-in-2022

