Most cybercriminal behavior can be reduced to two basic economic drivers. The first is to look for targets with valuable resources that can be easily turned into profits. And the second is to expend as few resources as possible to access those resources. And for both of those objectives, the networks of healthcare organizations are at the top of the list.

 

Healthcare continues to be a prime target for cybercriminals

 

Healthcare networks are rich with exploitable resources. Unlike retail, for example, healthcare databases not only include the financial information of their patients, but their entire personal and medical histories, often collected over years. In addition, many hospitals and medical centers serve as networking hubs for a significant number of clinics, satellite offices, and individual practices, which means that a successfully compromised network can be mined for data for a long time.

 

And because these networks are often so large, they are constantly in flux, which makes it extremely difficult to impose consistent security. Providing healthcare today depends on sharing critical information – both medical and financial – across a wide variety of healthcare providers and devices. Rolling data collection and input systems, access points, and medical IoT (MIoT) are only part of the potential attack surface. As in other industries, doctors, nurses, administrators, patients, and guests all tend to blend their personal and professional lives onto a single mobile device, creating new avenues for attacking a network.

 

Malware detection is up 62%

 

This is part of the reason why exploits designed to target the data and systems of individuals and organizations are at an all-time high, with the number of unique variants showing double-digit growth. While many attacks contain only the minimal changes needed to avoid detection by traditional security devices, many of them are also more advanced than ever.

 

According to the recent Fortinet Threat Landscape Report for Q3 of 2018, the number of new malware variants based on existing exploits grew 43% last quarter. The volume of directed attacks also grew over that same time period, causing the number of unique daily malware detections per organization to rise by 62%. Because cybercriminals continue to evolve threats by creating unique malware variants and families, leveraging threat intelligence and keeping assessment tools updated has never been more important.

 

Four threat trends healthcare security teams need to follow

 

Here are four trends we have seen over the third quarter of 2018 that healthcare security teams need to be paying special attention to:

 

1) Mobile devices are a growing threat vector. Exploits targeting mobile devices are a growing threat that must be addressed. Over one-quarter of organizations experienced a mobile malware attack in Q3, with the vast majority targeting the Android operating system. Compromising a mobile device allows attackers not only to steal data stored on that device, but also to intercept the flow of data moving between the user and the healthcare database and other connected resources. Increasingly, compromised devices can also become a gateway through which the larger healthcare network can be exploited. In fact, of all the threats organizations faced last quarter from all attack vectors, 14% were Android related. By comparison, only 0.000311% of threats targeted Apple iOS.

 

2) Cryptojacking has become a gateway for other attacks. In many industries, cryptojacking has leapfrogged ransomware as the malware of choice. While ransomware continues to be a serious concern for healthcare networks for a variety of reasons, the number of unique cryptojacking signatures nearly doubled in the past year, while the number of platforms now being compromised by cryptojacking jumped 38%. Perpetrators include advanced attackers using customized malware, as well as “as-a-service” options available on the dark web for novice criminals. Although cryptojacking is often considered a nuisance threat that simply hijacks unused CPU cycles, a growing number of new attack techniques include disabling security functions on devices, which lets cryptojacking become a gateway for additional attacks. As a result, underestimating the repercussions of cryptojacking places an organization at heightened risk.

 

3) Botnets are getting smarter. The number of days that a botnet infection was able to persist inside an organization increased 34% during Q3, rising from 7.6 to 10.2 days, indicating that botnets are becoming more sophisticated, more difficult to detect, and harder to remove. This is also the result of many organizations still failing to practice good cyber hygiene, including patching and updating vulnerable devices, protecting devices such as MIoT that can’t be directly hardened, and thoroughly scrubbing a network after an attack has been detected. Consistent security hygiene remains vital to addressing the total scope of these attacks, as many botnets can go dormant upon detection, only to return after normal business operations have resumed if the root cause or “patient zero” has not been rooted out.

 

4) Encrypted traffic reaches a new threshold. Encrypted traffic now represents over 72% of all network traffic, up from 55% just one year ago. While encryption can certainly help protect data in motion as it moves between a central physical or cloud-based network and clinics, practices, and mobile healthcare professionals, it also represents a challenge for traditional security solutions. The critical firewall and IPS performance limitations of most legacy security solutions continue to limit the ability of organizations to inspect encrypted data at network speeds. And so, rather than slowing down critical medical activities, organizations leave a growing percentage of this traffic unanalyzed for malicious activity, making it an ideal mechanism for criminals to spread malware or exfiltrate data.

 

Addressing the Challenge

 

The challenge facing many healthcare organizations is that transformation efforts have spread their security resources thin, restricted visibility, and fragmented their controls. To successfully address today’s challenges, healthcare security teams need to rethink their strategy, from implementing effective security hygiene measures to implementing an integrated security fabric architecture that can seamlessly span the entire expanding attack surface for unified visibility and the ability to orchestrate controls from a single console.

 

Additional strategies include:

 

  1. Countering today’s advanced threats. Digital transformation requires an equivalent security transformation. This includes a shift from point security products, manual security management, and reactive security to a strategy where different security elements are integrated into a single system, security workflows can span multiple network ecosystems, and threat-intelligence is centrally collected and correlated.
  2. Implementing automation. As the speed of threats rapidly increases, the time windows for prevention, detection, and remediation continue to shrink. Rapid response times are crucial, which makes the implementation of automation essential. Organizations require a security platform where each element is designed to communicate with the others in real time.
  3. Tracking devices. One essential approach to combating things like cryptojacking involves maintaining a comprehensive inventory of devices (especially MIoT devices) using third-generation network access controls and baselining their behavior. With this information in hand, you’re able to monitor for aberrant behavior that may reflect cryptojacking and other malicious activity.
  4. Addressing the threat of mobile devices. More than seven in 10 clinicians in a recent survey say their hospitals support some sort of BYOD strategy. But even in hospitals and clinics where BYOD is prohibited, 65 percent of doctors and 41 percent of nurses report that they still use their personal devices on the hospital network. Security leaders need to ensure they have the appropriate controls in place to protect against compromised mobile devices. This requires that wireless access points and mobile security services be fully integrated into next-generation firewalls, combined with automated threat-intelligence sharing. Network access control solutions can also help establish broad device visibility combined with more granular network control.

 

