Most cybercriminal behavior can be reduced to two basic economic drivers. The first is to look for targets with valuable resources that can be easily turned into profits. And the second is to expend as few resources as possible to access those resources. And for both of those objectives, the networks of healthcare organizations are at the top of the list.

 

Healthcare continues to be a prime target for cybercriminals

 

Healthcare networks are rich with exploitable resources. Unlike retail, for example, healthcare databases not only include the financial information of their patients, but their entire personal and medical histories, often collected over years. In addition, many hospitals and medical centers serve as networking hubs for a significant number of clinics, satellite offices, and individual practices, which means that a successfully compromised network can be mined for data for a long time.

 

And because these networks are often so large, they are constantly in flux, making imposing consistent security extremely difficult. Providing healthcare today depends on sharing critical information – both medical and financial – across a wide variety of healthcare providers and devices. Rolling data collection and input systems, access points, and medical IoT (MIoT) are only part of the potential attack surface. As with other industries, doctors, nurses, administrators, patients, and guests all tend to blend their personal and professional lives onto a single mobile device, creating new avenues for attacking a network.

 

Malware detection is up 62%

 

This is part of the reason why exploits designed to target the data and systems of individuals and organizations are at an all-time high, with the number of unique variants showing double-digit growth. While many attacks are comprised of the minimal amount of change that allows them to avoid detection by traditional security devices, many of them are also more advanced than ever.

 

According to the recent Fortinet Threat Landscape Report for Q3 of 2018, the number of new malware variants based on existing exploits grew 43% last quarter. And the volume of directed attacks grew over that same time period, causing the number of unique daily malware detections per organization to rise by 62%. Because cybercriminals continue to evolve threats by creating unique malware variants and families, the ongoing importance of leveraging threat intelligence and keeping assessment tools updated has never been stronger.

 

Four threat trends healthcare security teams need to follow

 

Here are four trends we have seen over the third quarter of 2018 that healthcare security teams need to be paying special attention to:

 

1) Mobile devices are a growing threat vector. Exploits targeting mobile devices are a growing threat that must be addressed. Over one-quarter of organizations experienced a mobile malware attack in Q3, with the vast majority targeting the Android operating system. Compromising mobile devices allows attackers to not only steal data stored on that device, but intercept the flow of data moving between the user and the healthcare database and other connected resources. And increasingly, they can become a gateway through which the larger healthcare network can be exploited. In fact, of all the threats organizations faced last quarter from all attack vectors, 14% were Android related. By comparison, only .000311% of threats were targeted to Apple iOS.

 

2) Cryptojacking has become a gateway for other attacks. In many industries, cryptojacking has leapfrogged ransomware as the malware of choice. While ransomware continues to be a serious concern for healthcare networks for a variety of reasons, the number of unique cryptojacking signatures nearly doubled in the past year, while the number of platforms now being compromised by cryptojacking jumped 38%. Perpetrators include advanced attackers using customized malware, as well as “as-a-service” options available on the dark web for novice criminals. Although it is often considered to be a nuisance threat that simply hijacks unused CPU cycles, a growing number of new attack techniques include disabling security functions on devices, enabling cryptojacking to become a gateway for additional attacks. As a result, underestimating the repercussions of cryptojacking places an organization under heightened risk.

 

3) Botnets are getting smarter. The number of days that a botnet infection was able to persist inside an organization increased 34% during Q3, rising from 7.6 to 10.2 days, indicating that botnets are becoming more sophisticated, difficult to detect, and harder to remove. This is also the result of many organizations still failing to practice good cyber hygiene, including patching and updating vulnerable devices, protecting devices such as MIoT that can’t be directly hardened, and thoroughly scrubbing a network after an attack has been detected. The importance of consistent security hygiene remains vital to addressing the total scope of these attacks as many botnets can go dormant upon detection, only to return after normal business operations have resumed if the root cause or “patient zero” has not been rooted out.

 

4) Encrypted Traffic Reaches a New Threshold. Encrypted traffic now represents over 72% of all network traffic, up from 55% just one year ago. While encryption can certainly help protect data in motion as it moves between a central physical or cloud-based network and clinics, practices, and mobile healthcare professionals, it also represents a challenge for traditional security solutions. The critical firewall and IPS performance limitations of most legacy security solutions continue to limit the ability of organizations to inspect encrypted data at network speeds. And so, rather than slowing down critical medical activities, a growing percentage of this traffic is not being analyzed for malicious activity, making it an ideal mechanism for criminals to spread malware or exfiltrate data.

 

Addressing the Challenge

 

The challenge facing many healthcare organizations is that transformation efforts have spread their security resources thin, restricted visibility and fragmented the controls of many organizations. To successfully address today’s challenges, healthcare security teams need to rethink their strategy, from implementing effective security hygiene measure, to implementing an integrated security fabric architecture that can seamlessly span the entire expanding attack surface for unified visibility and the ability to orchestrate controls from a single console.

 

Additional strategies include:

 

  1. Countering today’s advanced threats. Digital transformation requires an equivalent security transformation. This includes a shift from point security products, manual security management, and reactive security to a strategy where different security elements are integrated into a single system, security workflows can span multiple network ecosystems, and threat-intelligence is centrally collected and correlated.
  2. Implementing automation. As the speed of threats rapidly increases, the time windows for prevention, detection, and remediation continue to shrink. Rapid response times are crucial, which makes the implementation of automation essential. Organizations require a security platform where each element is designed to communicate with the others in real time.
  3. Tracking devices. One essential approach to combating things like cryptojacking involves maintaining a comprehensive inventory of devices (especially MIoT devices) using third-generation network access controls and baselining their behavior. With this information in hand, you’re able to monitor for aberrant behavior that may reflect cryptojacking and other malicious activity.
  4. Addressing the threat of mobile device. More than seven in 10 clinicians in a recent survey say their hospitals support some sort of BYOD strategy. But even in hospitals and clinics where BYOD is prohibited, 65 percent of doctors and 41 percent of nurses report that they still use their personal devices on the hospital network. Security leaders need to ensure they have the appropriate controls in place to protect themselves against compromised mobile devices. This requires that wireless access points and mobile security services be fully integrated into next-generation firewalls, combined with automated threat-intelligence sharing. Network access control solutions can also help establish broad device visibility combined with more granular network control.

 


RECOMMENDED ARTICLE FOR TECHWORLD


 
There’s still time! Avail the Best Gaming Notebook This Holiday Season
Techworld Date Posted: 16 December 2017 4:43 PM | 368 Views
Only few days left for you to take advantage of this Christmas treat. MSI got you covered with up to P15,000 cash discount plus premium items as freebies upon purchase on select models. . See More
 
There’s still time! Avail the Best Gaming Notebook This Holiday Season
Techworld Date Posted: 4:43 PM | 368 Views
Only few days left for you to take advantage of this Christmas treat. MSI got you covered with up to P15,000 cash discount plus premium items as freebies upon purchase on select models. See More

 
Fortinet Predicts Highly Destructive and Self-Learning “Swarm” Cyber Attacks in 2018
Techworld Date Posted: 13 December 2017 4:02 PM | 270 Views
Fortinet® (NASDAQ: FTNT), the global leader in high-performance cybersecurity solutions, today unveiled predictions from the Fortinet FortiGuard Labs global research team about the threat landscape for 2018. The trends reveal the methods and strategies.... See More
 
Fortinet Predicts Highly Destructive and Self-Learning “Swarm” Cyber Attacks in 2018
Techworld Date Posted: 4:02 PM | 270 Views
Fortinet® (NASDAQ: FTNT), the global leader in high-performance cybersecurity solutions, today unveiled predictions from the Fortinet FortiGuard Labs global research team about the threat landscape for 2018. The trends reveal the methods and strategies...See More

 
NVIDIA Supersizes PC Gaming with New Breed of Big Format Gaming Displays
Techworld Date Posted: 8 January 2018 4:42 PM | 324 Views
Created in conjunction with NVIDIA hardware partners Acer, ASUS and HP, BFGDs integrate a high-end 65-inch, 4K 120Hz HDR display with NVIDIA® G-SYNC® technology together with NVIDIA SHIELDTM, the world’s most advanced streaming device.. See More
 
NVIDIA Supersizes PC Gaming with New Breed of Big Format Gaming Displays
Techworld Date Posted: 4:42 PM | 324 Views
Created in conjunction with NVIDIA hardware partners Acer, ASUS and HP, BFGDs integrate a high-end 65-inch, 4K 120Hz HDR display with NVIDIA® G-SYNC® technology together with NVIDIA SHIELDTM, the world’s most advanced streaming device.See More

 
Pascual Laboratories Partners with ePLDT, PLDT Enterprise to Address ‘Long Distance Work Relationship’
Techworld Date Posted: 25 October 2018 2:19 PM | 214 Views
ePLDT, the industry-leading enabler of digital enterprise solutions in the Philippines, and PLDT Enterprise — the B2B arm of PLDT — recently entered into a strategic engagement with one of the Philippines’ top pharmaceutical.... See More
 
Pascual Laboratories Partners with ePLDT, PLDT Enterprise to Address ‘Long Distance Work Relationship’
Techworld Date Posted: 2:19 PM | 214 Views
ePLDT, the industry-leading enabler of digital enterprise solutions in the Philippines, and PLDT Enterprise — the B2B arm of PLDT — recently entered into a strategic engagement with one of the Philippines’ top pharmaceutical...See More

 
ViewSonic is the Official Monitor Sponsor for Canon PhotoMarathon Philippines 2018
Techworld Date Posted: 9 November 2018 1:21 PM | 325 Views
Having over fifteen hundred enthusiastic photographers participating to compete for the best moment captured based on designated themes. ViewSonic will station three VP2468 at the emergency kiosk for participants to preview their work before.... See More
 
ViewSonic is the Official Monitor Sponsor for Canon PhotoMarathon Philippines 2018
Techworld Date Posted: 1:21 PM | 325 Views
Having over fifteen hundred enthusiastic photographers participating to compete for the best moment captured based on designated themes. ViewSonic will station three VP2468 at the emergency kiosk for participants to preview their work before...See More

 
Spy Spotting – What Careless Mistakes Reveal about Cyberespionage in APAC
Techworld Date Posted: 24 October 2017 10:22 AM | 368 Views
Kaspersky Lab’s Senior Security Researcher Noushin Shabab looks back at major cyberespionage cases that hit the Asia Pacific region to reveal the mistakes committed by cybercriminals that help researchers unmask their identity.   Errors.... See More
 
Spy Spotting – What Careless Mistakes Reveal about Cyberespionage in APAC
Techworld Date Posted: 10:22 AM | 368 Views
Kaspersky Lab’s Senior Security Researcher Noushin Shabab looks back at major cyberespionage cases that hit the Asia Pacific region to reveal the mistakes committed by cybercriminals that help researchers unmask their identity.   Errors...See More

 
Acer Philippines Maintains No. 1 Spot in the PC Market for 10 Years
Techworld Date Posted: 4 March 2019 3:43 PM | 6 Views
The results are in. The growth of the country’s Philippine Personal Computer (PC) market is the fastest in the ASEAN region. Acer leads the Philippine PC market in all circumstances for 10 years straight.... See More
 
Acer Philippines Maintains No. 1 Spot in the PC Market for 10 Years
Techworld Date Posted: 3:43 PM | 6 Views
The results are in. The growth of the country’s Philippine Personal Computer (PC) market is the fastest in the ASEAN region. Acer leads the Philippine PC market in all circumstances for 10 years straight...See More

 
Smart Eye: Kaspersky Lab Discovers Severe Flaws That Could Transform Popular Smart Cameras into Surveillance Tool
Techworld Date Posted: 13 March 2018 4:32 PM | 368 Views
Kaspersky Lab researchers have discovered multiple security vulnerabilities in popular smart cameras that are frequently used as baby monitors, or for internal home and office security surveillance. According to the research, the uncovered flaws.... See More
 
Smart Eye: Kaspersky Lab Discovers Severe Flaws That Could Transform Popular Smart Cameras into Surveillance Tool
Techworld Date Posted: 4:32 PM | 368 Views
Kaspersky Lab researchers have discovered multiple security vulnerabilities in popular smart cameras that are frequently used as baby monitors, or for internal home and office security surveillance. According to the research, the uncovered flaws...See More

 
STAR WARS FANS: CHOOSE YOUR SIDE!
Techworld Date Posted: 9 November 2017 1:11 PM | 364 Views
PHILIPPINES — November 8, 2017: Lenovo (HKSE: 992) (ADR: LNVGY), the world’s leading PC manufacturer, today announced that its highly anticipated,. See More
 
STAR WARS FANS: CHOOSE YOUR SIDE!
Techworld Date Posted: 1:11 PM | 364 Views
PHILIPPINES — November 8, 2017: Lenovo (HKSE: 992) (ADR: LNVGY), the world’s leading PC manufacturer, today announced that its highly anticipated,See More

 
Kaspersky Lab Invites Users to Reflect on How our Digital Footprint May Shape the Future
Techworld Date Posted: 23 April 2018 3:26 PM | 1 Views
Kaspersky Lab’s interactive multimedia project Earth 2050 has been accumulating predictions about environmental, social and technological developments for the upcoming 30 years since its launch in 2017. As Earth Day approaches, the company is.... See More
 
Kaspersky Lab Invites Users to Reflect on How our Digital Footprint May Shape the Future
Techworld Date Posted: 3:26 PM | 1 Views
Kaspersky Lab’s interactive multimedia project Earth 2050 has been accumulating predictions about environmental, social and technological developments for the upcoming 30 years since its launch in 2017. As Earth Day approaches, the company is...See More


Power by

Download Free AZ | Free Wordpress Themes