As per Association of American Medical Colleges (AAMC) reports, cyberattacks on hospitals have risen by 45% since 2020. This is because cybercriminals took advantage of the chaos after the start of the pandemic. Successful cyberattacks on hospitals cost a fortune. As per a study by security company Proofpoint, hospitals suffer almost one attack every week.
The four most common types of attacks are cloud compromise, ransomware, supply chain, and business email compromise (BEC)/spoofing phishing. More concerning, though, is that many of the organizations suffering from these attacks experienced increased patient mortality rates.
Cyberattacks move at a very fast pace, and even the best-prepared people are prone to mistakes in these high-stress situations. Every connected device increases the attack surface, and monitoring all these devices manually is almost impossible. This is why cybersecurity in healthcare needs automation the most.
Role of Healthcare Organizations
Device manufacturers are responsible for designing robust security into all IoMT devices. But healthcare organizations must also do their share to improve security. If hospitals do not know exactly what is connected to their networks, they cannot know what risks and vulnerabilities they are exposed to.
5 Steps to Improve Connected Device Security
Fortunately, hospitals can take some measures by using automation and new technologies to improve connected healthcare device security. Some of these steps are mentioned below:
- Automate the discovery and classification of devices to enable real-time device data and inventory.
- Identify which devices have outdated operating systems or other risks such as unauthorized software or misconfiguration.
- Track communication to countries like Russia and North Korea and monitor the reputation of the sites to which these devices are connected.
- Monitor devices that use high-risk, privileged protocols. Confirm that these protocols are truly required and ensure that they are being used for legitimate needs.
- Baseline all connected device communications to ensure they do not deviate from their purpose. If ransomware takes over a device, it communicates with an internet-based command and control site. There is also potential for lateral movement across the organization. Thus, any deviation from baseline communication indicates security compromise.
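The baselining step above can be sketched as follows. This is an added example, not code from the original article; the device names, IP addresses, ports and the `INTERNAL_NET` range are constructed assumptions. It learns each device's expected destinations and then labels any flow that deviates from them.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Assumption: the hospital's internal address space (constructed for this example).
INTERNAL_NET = ip_network("10.0.0.0/8")

# Constructed flow records: (device, destination IP, destination port).
BASELINE_FLOWS = [
    ("infusion-pump-07", "10.20.1.5", 443),     # drug-library server
    ("infusion-pump-07", "10.20.1.9", 123),     # internal NTP
    ("mri-console-02", "10.20.3.10", 104),      # DICOM to PACS
]
OBSERVED_FLOWS = [
    ("infusion-pump-07", "10.20.1.5", 443),     # matches baseline
    ("infusion-pump-07", "203.0.113.50", 443),  # new internet destination
    ("infusion-pump-07", "10.20.3.10", 445),    # new internal peer over SMB
    ("ct-scanner-01", "10.20.3.10", 104),       # device missing from inventory
]

def build_baseline(flows):
    """Map each device to the set of (dst, port) pairs seen while learning."""
    baseline = defaultdict(set)
    for device, dst, port in flows:
        baseline[device].add((dst, port))
    return dict(baseline)

def classify(flow, baseline):
    """Return None for expected traffic, else a label for the deviation."""
    device, dst, port = flow
    if device not in baseline:
        return "unknown-device"
    if (dst, port) in baseline[device]:
        return None
    if ip_address(dst) in INTERNAL_NET:
        return "new-internal-peer"        # possible lateral movement
    return "new-external-destination"     # possible command-and-control traffic

def find_deviations(flows, baseline):
    """Return (label, device, dst, port) for every off-baseline flow."""
    alerts = []
    for flow in flows:
        label = classify(flow, baseline)
        if label:
            alerts.append((label, *flow))
    return alerts

if __name__ == "__main__":
    for alert in find_deviations(OBSERVED_FLOWS, build_baseline(BASELINE_FLOWS)):
        print(alert)
```

The internal range is matched explicitly rather than with `is_private`, because Python's `ipaddress` module also treats documentation ranges such as 203.0.113.0/24 as private.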
Complete IoT, IoMT, and OT visibility is needed for organizations to identify and manage cybersecurity risks. A commitment from device manufacturers is also needed to deliver comprehensive connected device security.