International. According to Nozomi Networks' OT and IoT Security Report, the Health and Public Health sector is one of the most vulnerable, hence the importance of taking into account network health, software vulnerabilities, credential risks and limited data.
Nozomi Networks, explained in depth these four key aspects that the health sector must contemplate to keep its critical infrastructure safe and take care of the integrity of patients.
Since 2020, several cyberattacks on hospitals around the world have been reported. According to Nozomi Networks' OT and IoT Security Report, the Health and Public Health sector is one of the most vulnerable, ranking fourth in cases of disclosed information.
In addition, the costs of ransomware to care facilities and hospitals has reached up to 1.5 million dollars a day, as happened with the attack on the medical network of a university in Vermont, United States.
Fernando Castro, sales director for South America of Nozomi Networks, explained: "Through technological systems in medical services, various procedures and controls of critical systems such as respirators, medication supply, vital signs monitors, among others, are carried out. Many of them connect to the internet by collecting and sharing sensitive information between devices and networks, to improve the efficiency and effectiveness of care. However, their level of importance to hospitals and individuals in general has put them in the crosshairs of cybercriminals, which can put patient safety and the integrity of medical data at risk."
To adequately protect themselves from the risks to which they are exposed, providers and health entities need to implement cutting-edge solutions to properly monitor and monitor the behavior of their equipment and devices, in addition to identifying suspicious behaviors or activities in time.
These are the four keys that the sector must consider to have mature cybersecurity strategies in their systems:
1. Network Health: Lack of visibility into the network is a big problem for cyber threat protection. Without a real-time map of the inventory of machines and computers communicating in their environment, organizations cannot identify unauthorized devices or detect malicious activity.
2. Vulnerabilities in product software: they are not all the same; The degree to which vulnerabilities affect the integrity and availability of systems varies. Some of them are limited in scope and only apply to certain features or software interfaces, while others may have additional controls that mitigate their severity and level of risk to the network.
3. Credential risks: Default remote access is a major threat to the security of network-connected medical devices. Attackers steal and use these credentials to access the system and deploy a botnet attack, which can put patients' privacy and security at risk.
4. Limited data: Anomaly detection and behavioral analysis in network operations are valuable tools for improving threat intelligence and overall security postures, although the amount of information available may be limited. Constant monitoring and analysis can help security leaders identify the root causes of unexpected changes in operations and deviations from normal behavior.
Like other sectors, cybersecurity has become a priority for the protection of critical infrastructures that provide vital services such as energy, water, gas and, of course, the health of citizens. This issue has also been taken into account by regulatory and governmental entities, which have established regulations and security standards, in order to protect the integrity of the system and the welfare of citizens to the maximum.
Fernando Castro, indicated that the OT and IoT cybersecurity sector, health is one of the main priorities of our work. We constantly improve our solutions to detect malware and indicators of compromise (IOCs) by combining multiple forms of OT/IoT/IT threat detection, and continuously receiving up-to-date asset and threat intelligence.
And finally, he assured that it is crucial that any hospital, care center or provider of these services include these tools in their security strategy and avoid being a victim of cybercriminals.