According to the recent findings of Interpol, cybercriminals have ramped up their attempts to pollute the IT networks of hospitals with ransomware.
AFTER the national Health Department launched the Electronic Vaccine Data System (EVDS) last week, the spotlight has fallen on cybersecurity at South African hospitals.
The EVDS will be used to roll out South Africa’s Covid-19 vaccination programme.
The EVDS is a self-registration portal that is part of the government’s plans to digitise South Africa’s public health information.
Staff in South African hospitals have been encouraged to be extra vigilant, especially in hospitals that have not completely embraced digital.
“Training employees to be vigilant and identify these cyberattacks before they even get to their systems, as they usually come in forms of harmless links in e-mails. Investing ineffective cybersecurity is really the most effective solution because it costs a lot more to fix a security breach and pay a ransom than it does to prevent one. Additionally, it is imperative that you respond quickly if and when your security is breeched. There are free consultancy services that vendors offer, and can help with recommendations that are very cost effective and helps hospitals save money and their reputation,” security engineer at Check Point Software Technologies Ltd Nomatter Anderson told Independent Media.
When asked what South African hospitals can do to ensure that cyberattacks do not happen, Anderson said promoting security measures are vital.
“It is important that hospitals promote security measures and safeguards that are robust and aligned to industry standards and where possible industry best practices. For example, South Africa’s new data law POPIA came into effect on July 1, 2020 with a grace period of 12 months, meaning that enforcement will begin July 1, 2021. POPIA requires that businesses, including hospitals, ensure the security and integrity of personal information in their possession. Hospitals need to consider their risks in relation to an attack by putting in place a robust, comprehensive data breach/cyber incident response plan in place – which can be immediately implemented. Develop a proactive management strategy as well as a crisis driven one.
Enter the Internet of Things (IoT). IoT is described as a network of physical devices that uses connectivity to enable the exchange of data.
In health care, IoT, powered by the new and emerging 5G networks, can have potential benefits. However, the use of IoT in health care has downsides. IoT devices are simple, making them vulnerable to being exploited by cybercriminals.
Hospitals have to contend with a new set of challenges and characteristics. In some cases, there are on average 10 to 15 medical devices per bed, but many of these devices were designed with little to no security in mind. Almost half of connected medical devices run on unsupported operating systems that no longer receive security updates. This makes them more vulnerable for cyberattacks.
Compromised electronic protected health information (ePHI) records are sold underground for thousands of rand and, if not careful, hospitals could spend an average of up to R6,000 per record to mitigate each stolen medical identity.
According to the recent findings of Interpol, the International Criminal Police Organization, threat actors have ramped up their attempts to pollute the IT networks of hospitals with ransomware even as the Covids-19 pandemic continues.
The outcome of these cyberattacks will not only result in data damage or monetary damages to the organization, it also hinders quick medical response and has the potential to impact the physical well-being of the patients, making the situation a literal matter of life and death.
Health care institutions are encouraged to do continuous data backups and regular patching.
Patching is a critical component in defending against ransomware attacks as cybercriminals will often look for the latest uncovered exploits in the patches made available and then target systems that are not yet patched.
Hospitals should also make use of advanced protections in the enterprise network such as Intrusion Prevention System (IPS), Network Anti-Virus and Anti-Bot are also crucial and efficient in preventing known attacks.