Technology is booming in healthcare organisations with digital transformation policies leading to increased adoption of connected medical devices, big data analytics for faster and more accurate diagnoses, and paperless systems for the easy exchange of patient information.
As technology becomes more ingrained into core healthcare offerings, there is an increased threat of cyberattacks disrupting services, stealing sensitive patient data, and putting lives at risk. Infoblox commissioned a survey of UK and US healthcare IT professionals to gain a better understanding of whether the healthcare industry is adequately prepared to combat this evolving threat.
Ready for ransomware
Following the significant disruption caused to the NHS by WannaCry in May 2017, many healthcare organisations are preparing themselves for further ransomware attacks. One quarter of participating healthcare IT professionals reported that their organisation would be willing to pay a ransom in the event of a cyber attack. Of these, 85% of UK respondents have a plan in place for this situation.
Dangerous operating systems
The number of connected devices on healthcare organisations’ networks is exploding, with 47 per cent of the large healthcare organisations surveyed indicating that they are managing over 5,000 devices on their network.
One in five healthcare IT professionals reported that Windows XP, which has been unsupported since April 2014, is running on their network. 18 per cent indicated that connected medical devices on their network are running on the unsupported operating system, leaving organisations open to exploitation through security flaws in these unpatched devices.
Patching outdated operating systems is impossible for the 7% of IT professionals who responded that they don’t know what operating systems their medical devices are running on. Even when the operating system these devices run on is known, a quarter (26%) of large organisations either can’t update these systems or don’t know if they can.
Investing against the threat
85% of healthcare IT professionals reported that their organisation has increased their cyber security spending in the past year, with 12% of organisations increasing spending by over 50%.
Traditional security solutions are the most popular, with anti-virus software and firewalls the solutions most invested in over the past year, at 61% and 57% respectively.
Half of organisations have invested in network monitoring to identify malicious activity on the network; one third have invested in DNS security solutions, which can actively disrupt Distributed Denial of Service (DDoS) attacks and data exfiltration; and 37% have invested in application security to secure web applications, operating systems and software.
Rob Bolton, Director of Western Europe at Infoblox, said: “The healthcare industry is facing major challenges that require it to modernise, reform and improve services to meet the needs of ever more complex, instantaneous patient demands. Digital transformation presents a massive opportunity to support the doctors and nurses who work tirelessly – but these new technologies also introduce new cyber risk that must be mitigated.
The widespread disruption experienced by the NHS during the WannaCry outbreak demonstrated the severe impact to health services that can be caused by a cyberattack. It’s crucial that healthcare IT professionals plan strategically about how they can manage risk within their organisation and respond to active threats to ensure the security and safety of patients and their data.”
The report includes a case study on how Geisinger Health uncovered malicious activity on its network and was able to quickly and accurately identify the offending device, containing the malware before it spread throughout the network.
Commenting on the event, Rich Quinlan, senior technical analyst at Geisinger Health, said: “In spite of all the conventional steps we take to protect our internal network, patient care could still be affected. We could have an entire hospital full of useless ultrasound devices because one was brought in with a virus and we have no control over them. And if it was able to exfiltrate data, we would have a compliance issue.”