Most cybercriminal behavior can be reduced to two basic economic drivers. The first is to look for targets with valuable resources that can be easily turned into profits. The second is to expend as few resources as possible to access them. On both counts, the networks of healthcare organizations are at the top of the list.

 

Healthcare continues to be a prime target for cybercriminals

 

Healthcare networks are rich with exploitable resources. Unlike retail, for example, healthcare databases not only include the financial information of their patients, but their entire personal and medical histories, often collected over years. In addition, many hospitals and medical centers serve as networking hubs for a significant number of clinics, satellite offices, and individual practices, which means that a successfully compromised network can be mined for data for a long time.

 

And because these networks are often so large, they are constantly in flux, which makes it extremely difficult to impose consistent security. Providing healthcare today depends on sharing critical information – both medical and financial – across a wide variety of healthcare providers and devices. Rolling data collection and input systems, access points, and medical IoT (MIoT) are only part of the potential attack surface. As with other industries, doctors, nurses, administrators, patients, and guests all tend to blend their personal and professional lives onto a single mobile device, creating new avenues for attacking a network.

 

Malware detection is up 62%

 

This is part of the reason why exploits designed to target the data and systems of individuals and organizations are at an all-time high, with the number of unique variants showing double-digit growth. While many attacks consist of the minimal amount of change that allows them to avoid detection by traditional security devices, many of them are also more advanced than ever.

 

According to the recent Fortinet Threat Landscape Report for Q3 of 2018, the number of new malware variants based on existing exploits grew 43% last quarter. And the volume of directed attacks grew over that same time period, causing the number of unique daily malware detections per organization to rise by 62%. Because cybercriminals continue to evolve threats by creating unique malware variants and families, the ongoing importance of leveraging threat intelligence and keeping assessment tools updated has never been stronger.

 

Four threat trends healthcare security teams need to follow

 

Here are four trends we have seen over the third quarter of 2018 that healthcare security teams need to be paying special attention to:

 

1) Mobile devices are a growing threat vector. Exploits targeting mobile devices are a growing threat that must be addressed. Over one-quarter of organizations experienced a mobile malware attack in Q3, with the vast majority targeting the Android operating system. Compromising mobile devices allows attackers not only to steal data stored on that device, but also to intercept the flow of data moving between the user and the healthcare database and other connected resources. And increasingly, these devices can become a gateway through which the larger healthcare network can be exploited. In fact, of all the threats organizations faced last quarter from all attack vectors, 14% were Android related. By comparison, only 0.000311% of threats targeted Apple iOS.

 

2) Cryptojacking has become a gateway for other attacks. In many industries, cryptojacking has leapfrogged ransomware as the malware of choice. While ransomware continues to be a serious concern for healthcare networks for a variety of reasons, the number of unique cryptojacking signatures nearly doubled in the past year, while the number of platforms now being compromised by cryptojacking jumped 38%. Perpetrators include advanced attackers using customized malware, as well as “as-a-service” options available on the dark web for novice criminals. Although it is often considered to be a nuisance threat that simply hijacks unused CPU cycles, a growing number of new attack techniques include disabling security functions on devices, enabling cryptojacking to become a gateway for additional attacks. As a result, underestimating the repercussions of cryptojacking places an organization under heightened risk.

 

3) Botnets are getting smarter. The number of days that a botnet infection was able to persist inside an organization increased 34% during Q3, rising from 7.6 to 10.2 days, indicating that botnets are becoming more sophisticated, difficult to detect, and harder to remove. This is also the result of many organizations still failing to practice good cyber hygiene, including patching and updating vulnerable devices, protecting devices such as MIoT that can’t be directly hardened, and thoroughly scrubbing a network after an attack has been detected. The importance of consistent security hygiene remains vital to addressing the total scope of these attacks as many botnets can go dormant upon detection, only to return after normal business operations have resumed if the root cause or “patient zero” has not been rooted out.

 

4) Encrypted Traffic Reaches a New Threshold. Encrypted traffic now represents over 72% of all network traffic, up from 55% just one year ago. While encryption can certainly help protect data in motion as it moves between a central physical or cloud-based network and clinics, practices, and mobile healthcare professionals, it also represents a challenge for traditional security solutions. The critical firewall and IPS performance limitations of most legacy security solutions continue to limit the ability of organizations to inspect encrypted data at network speeds. And so, rather than slowing down critical medical activities, a growing percentage of this traffic is not being analyzed for malicious activity, making it an ideal mechanism for criminals to spread malware or exfiltrate data.

 

Addressing the Challenge

 

The challenge facing many healthcare organizations is that transformation efforts have spread their security resources thin, restricted visibility, and fragmented their controls. To successfully address today’s challenges, healthcare security teams need to rethink their strategy, from implementing effective security hygiene measures to implementing an integrated security fabric architecture that can seamlessly span the entire expanding attack surface for unified visibility and the ability to orchestrate controls from a single console.

 

Additional strategies include:

 

  1. Countering today’s advanced threats. Digital transformation requires an equivalent security transformation. This includes a shift from point security products, manual security management, and reactive security to a strategy where different security elements are integrated into a single system, security workflows can span multiple network ecosystems, and threat-intelligence is centrally collected and correlated.
  2. Implementing automation. As the speed of threats rapidly increases, the time windows for prevention, detection, and remediation continue to shrink. Rapid response times are crucial, which makes the implementation of automation essential. Organizations require a security platform where each element is designed to communicate with the others in real time.
  3. Tracking devices. One essential approach to combating things like cryptojacking involves maintaining a comprehensive inventory of devices (especially MIoT devices) using third-generation network access controls and baselining their behavior. With this information in hand, you’re able to monitor for aberrant behavior that may reflect cryptojacking and other malicious activity.
  4. Addressing the threat of mobile devices. More than seven in 10 clinicians in a recent survey say their hospitals support some sort of BYOD strategy. But even in hospitals and clinics where BYOD is prohibited, 65 percent of doctors and 41 percent of nurses report that they still use their personal devices on the hospital network. Security leaders need to ensure they have the appropriate controls in place to protect themselves against compromised mobile devices. This requires that wireless access points and mobile security services be fully integrated into next-generation firewalls, combined with automated threat-intelligence sharing. Network access control solutions can also help establish broad device visibility combined with more granular network control.
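
The device inventory and behavioral baseline described under "Tracking devices" can be sketched as follows. This is an added example, not code from the article or from any vendor product; the device names, telemetry fields (hourly CPU percentage and count of distinct outbound destinations), and the threshold are constructed assumptions.

```python
from statistics import median

# Constructed inventory: device id -> baseline samples of
# (cpu_pct, distinct outbound destinations per hour). Hypothetical data.
BASELINE = {
    "infusion-pump-01": [(6, 2), (7, 2), (5, 2), (6, 3), (7, 2), (6, 2)],
    "mri-console-02": [(35, 4), (40, 5), (38, 4), (42, 5), (37, 4), (39, 4)],
    "nurse-tablet-03": [(12, 9), (15, 11), (10, 8), (14, 10), (13, 9), (11, 10)],
}

# Constructed current observations: (device id, cpu_pct, destinations).
CURRENT = [
    ("infusion-pump-01", 6, 2),
    ("mri-console-02", 96, 5),   # sustained CPU far above its own baseline
    ("nurse-tablet-03", 13, 10),
    ("unknown-cam-09", 20, 3),   # on the network but not in the inventory
]

def robust_z(value, history):
    """Deviation from the median in units of scaled MAD.

    Median/MAD is used instead of mean/stddev so that one noisy
    baseline sample does not widen the accepted range.
    """
    med = median(history)
    mad = median([abs(x - med) for x in history])
    scale = max(1.4826 * mad, 1.0)  # floor avoids division by ~0 on flat baselines
    return (value - med) / scale

def assess(observations, baseline, threshold=6.0):
    """Return {device: [reasons]} for devices that need investigation."""
    findings = {}
    for dev, cpu, dests in observations:
        if dev not in baseline:
            findings[dev] = ["not in inventory"]
            continue
        reasons = []
        if robust_z(cpu, [c for c, _ in baseline[dev]]) > threshold:
            reasons.append("cpu above baseline")
        if robust_z(dests, [d for _, d in baseline[dev]]) > threshold:
            reasons.append("outbound destinations above baseline")
        if reasons:
            findings[dev] = reasons
    return findings

if __name__ == "__main__":
    for device, why in assess(CURRENT, BASELINE).items():
        print(device, "->", ", ".join(why))
```

Each device is compared against its own history rather than a fleet-wide limit, since normal load for an imaging console would be abnormal for an infusion pump.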

 

