Due to the sensitive information housed within medical records (Social Security numbers, addresses, medical claim data etc.), healthcare has always been one of the most frequently targeted industries by cybercriminals. Hackers who successfully steal this data can profit in a big way, as it has high value in the cybercrime black market.
As digital capabilities grow within healthcare, so too do the number of vulnerabilities. This upsurge in capabilities and targets can largely be credited to the rise of the Internet of Medical Things (IoMT), which has opened the doors to both improved processes and patient care, as well as to increased risk.
Cybercriminals see these open channels as just another avenue for data theft, profit and taking control. This aspect of losing control is what scares professionals the most across healthcare, as Internet-connected devices are used to keep people alive, and a loss of control could potentially result in the loss of life.
Let’s take a look at the IoMT’s role in healthcare today, the compounded growth of threats, the risks and what can be done to defend against these cyberthreats.
By the year 2020, the majority of new business systems and processes will feature some aspect of the Internet of Things (IoT), as IoT allows physical devices to better connect with other critical business and network processes.
The healthcare industry is poised to keep this trend moving forward. As of 2014, healthcare IoT was valued at nearly $25 billion. While this may seem like an impressive number, these investments are expected to increase dramatically, according to P&S Market Research.
In fact, the demand for better-connected healthcare systems, remote patient monitoring devices and more are all expected to keep the value rising, with a forecasted CAGR of 37.6 percent through 2020.
The addition of connected devices to the healthcare industry has expanded the surface area for possible attacks. Further, many healthcare institutions lack adequate security capabilities. The combination of these two factors equates to an “easy win” in the eyes of cybercriminals.
Some of the more traditional forms of cyberattacks, like phishing schemes and DDoS, are still alive and well, but healthcare IT security is now faced with combating attacks on connected medical devices in healthcare facilities, as well as home health devices. These devices have, for the most part, not been designed with security as a top-of-mind concern, as developers are primarily focused on functionality and ease of use.
As a result, attackers are not only exploiting inadequate IT security to gain unfettered access to networks and data, but actual control of IP-enabled medical devices themselves. Vulnerable systems, valuable data and a wide-open surface are putting the industry in the attack spotlight and, as a result, have medical IT teams on edge.
With what we now know about the IoMT, it should come as no surprise that security budgets to defend against threats have been growing. “Gartner believes that the average security budget for IT, operational technology (OT) and IoT security requirements will respond to the growth of IoT devices across all business segments and scenarios, rising from less than one percent of annual security budgets in 2015 to 20 percent in 2020.”
There are a number of different features healthcare IT professionals should look for when evaluating a security vendor’s solutions and capabilities.
One critical consideration is that a vendor be able to provide internal segmentation firewalls (ISFWs) to defend against breaches, as the landscape of networks is typically wide open and flat. Because ISFWs operate inside the network instead of at the edge, they allow healthcare organizations to intelligently segment networks between patients, administrators, healthcare professionals and guests, as well as between types of devices – for example, between a patient information system and a life-saving heart monitor or infusion pump.
It can then prioritize interconnected medical devices that need the highest degrees of protection and monitoring, and inspect and monitor all traffic moving between segments, all without impacting performance.
A healthcare security vendor should also have a team in place that’s dedicated to uncovering the latest threat intelligence, so real-time threat and mitigation updates can be made expeditiously, before cybercriminals take advantage of any weaknesses in connected IoT devices or the critical services they provide.
Today’s healthcare institutions should continue looking for new ways to improve the patient experience and save lives, without having to worry about dangerous cybercriminals breaching their systems. Which means that security should never be neglected during implementation or forgotten about after new devices have been activated.
Today’s cybercriminals are smarter and more determined than ever, and the healthcare industry needs to be aware of the trends, capabilities and possible avenues of attack that they are looking to exploit.