International. Cyberattacks on the health sector have been constant and are increasing since the pandemic, probably due to the valuable information that is protected there. This is one of the most attacked sectors in Latin America, with irreparable consequences such as patient deaths.
According to Akamai, as a result of the pandemic, cyberattacks on the health sector have not ceased, but on the contrary have been increasing, already ranking among the main sectors attacked in Latin America.
"An attack on a hospital, for example, has serious and unfortunate consequences, causing from the death of patients to causing delays in surgeries or patient care, as well as causing damage to medical equipment and even causing shortages of medicines."
The brand confirms that previously ransomware-focused criminal organizations avoided targets where human life was in danger, but today, hospitals are targeted, ignoring the risk to humans.
"In Latin America there have been several cyberattacks, some of them disclosed, such as the computer attack on public platforms in Costa Rica that caused convulsions in the expanded network of hospitals and clinics. Another of the most notorious cases was the cyber attack on the website of the National Institute for Drug and Food Surveillance (Invima) in Colombia, which resulted in the non-availability of information and applications external to the institute. "
Oswaldo Palacios, senior account executive for Akamai reported that the greatest cyber risk that the health sector is facing is not only the theft, kidnapping or loss of data as such, but the alteration in the operation of the system as the main objective. "A patient should not arrive at a hospital where X-ray equipment or some other device that is connected to the computer network does not work because they were hacked."
It is important to note that at the end of January, the US Federal Bureau of Investigation (FBI) managed to dismantle the Hive Ransomware group that has attacked more than 1500 victims in more than 80 countries around the world, including hospitals, schools, financial companies and critical infrastructure.
A hospital attacked by the Hive Ransomware had to resort to analog methods to treat existing patients and was unable to accept new patients immediately after the attack.
Similarly, the Akamai expert stressed that if a health center tells the patient that they cannot access their data or results, the patient will go to another medical institution. This situation impacts on finances, workflow, scheduled processes, and in general on the usual operation of the institute.
On the other hand, Oswaldo Palacios said that, for example, an ultrasound or X-ray equipment that sends the results to a central server must have strict security protocols for those who access such information.
"There is a lot of valuable data from hospitals, health institutions, laboratories, etc., that can be stolen and sold. Something that these institutions are not doing is having a preventive surface so that they know how to protect themselves. We understand that due to the nature of the operation, the institutions are focused on health and prevention issues; but along with their digital transformation, they must undertake a cybersecurity strategy that allows them to anticipate and avoid the risks of cyberattacks," said Oswaldo Palacios.
In that sense, the executive listed eight preventive actions that the health sector must carry out to counter cybercrime attacks.
1. Suitable network profiles. The computer network must be considered as a whole. Health professionals must have the appropriate profiles to access the information network.
2. Incorporate multi-factor authentication (MFA). Use multiple technologies to authenticate a user's identity. It is designed to be more secure than a simple login.
3. Visibility. You can't protect what you can't see. It is advisable to have visibility software to see how critical assets are being transmitted, such as a virtual file.
4. Enforcement. Once you know how critical assets are communicated, the health sector can do something called enforcement, that is, make decisions about the traffic they are seeing. Once this is done, a safe environment can be created.
5. Proactive security. A threat is not solved with just an antivirus. A proactive security practice attempts to locate and fix organizational vulnerabilities before they are exploited by cybercriminals.
6. Advanced cyber diagnostic assessments. Conduct cyberattacks assessments via email, networks and endpoints, as well as perform vulnerability scanning.
7. Controls critical business services such as DNS Remote Access and Active Directory.
8. Microsegmentation practices. They replace the complexity of VLANs, firewalls, and cloud security groups with a simplified, fast, and granular agnostic approach to diminish an attacker's ability to land and even more to move laterally through the environment.
Finally, Oswaldo Palacios said that through microsegmentation it is possible to identify gaps and threats in real time, in addition to shielding communications; The objective is that the data is not accessible to those who should not and that this access is segmented to reduce the attack surface.
Leave your comment