UPDATED 18:23 EST / FEBRUARY 21 2014

NEWS

Condition critical! – SANS-Norse Cyberthreat report shows major hospital security issues

medium_2109841271SANS, sponsored by Norse – a provider of cloud-based threat intelligence solutions, has published a new healthcare cybersecurity report. The news is not good – condition critical you could say.  Lots of bad things are happening and they are happening in our hospitals.  It’s more than just Affordable Care Act, economic pressure or even ‘meaningful use’.  This is about tech obviously and this report is about security, or rather a lack thereof.  Dark clouds are on the horizon, and the data shows that the industry is facing massive waves of cyber attacks from not only computers, but a growing number of connected devices of all types, emerging applications from all over the place – mobile, specialized and device-based, systems and software that are everywhere, creeping into things like radiology, home health monitoring, administration and electronic medical record access.

Just how widespread and ominous are the attacks? Over a two-month period, the Norse threat intelligence infrastructure — a network of more than six million sensors and honey pots located in 38 global data centers and 20 major Internet exchanges — detected:

  • 49,917 unique, malicious events

  • 723 unique, malicious source IP addresses

  • 375 U.S.-based. compromised healthcare-related organizations

  • Compromised radiology devices

  • Compromised VPNs

  • Compromised video conferencing equipment

  • Compromised home healthcare monitoring devices … and more

Alarming findings

 

norseIn the report, SANS calls the findings “alarming.” Which is not surprising, as the implications of these attacks are numerous. They include devastating financial consequences such as those experienced by Wellpoint ($1.7 million HIPAA fine), ePHI theft, compromise of systems and applications that can them be used to launch DDoS and other forms of attacks, malware infections and more. There are even consequences on the consumer/patient, as HIPAA and other regulations do not allow them to recover related cyberattack losses perpetrated through home health monitoring devices. Last year, consumers lost $12 billion out of pocket due to this type of malicious activity. With the emergence of healthcare.gov, it’s is only going to get worse, as the continued digitization of health records is only expanding the attack surface.

Norse CEO Sam Glines shared in a briefing the extent of some of the risks found in the report.  Norse has a presence deep into what’s known as the dark net, and they are constantly analyzing information from the traffic found in this shadow-type of internet.  The dark net is where 99.9% of people never go and most probably don’t even know about, but it is where hackers go to communicate, trade wares and files that could belong to a hospital or any organization for that matter.  This report is the result of analyzing some 100 TB of data and they were able to find troves of Personal Health Information (PHI), credit card information and much more.  It’s enough to affect many just in this one report that represents one period of time.  This is something that is going on all the time.

Strange but true – and bad

 

SANSCredit card transaction information was found running from things like embedded devices, dialysis machines and other health-related devices that most people would never even think needed any protection.  The list of things they found are pretty incredible, from a list of all edge and security devices for one healthcare organization (including all the admin usernames and passwords) to a full blueprint of an entire hospital complete with all the medical devices pointed out for the world to see (this one turned up on 4shared).  It’s all rather shocking and provides a practical game plan for all kinds of malfeasance to take place against a hospital’s technology.  When asked what could be done about this, Glines states that surprisingly a lot of what could be done comes back to basic security principles, proper password policies and adherence to higher security standards.

Security is an element in every technology environment and it should be of critical importance in most of them.  In healthcare – things are very vulnerable.  Pressures abound from regulation, from the economy, from the new healthcare act and it is a target for hackers because of a number of reasons.  There is a tremendous amount of information, health, security, financial and company secrets.  Add to that fierce competition for trained and experienced security personnel, constantly fluctuating hospital network environments, technological changes, the propagation of more and more intelligent devices on hospital networks and more – and you will clearly see the challenges stack up.  As Norse’s Glines so fittingly states, the way out for healthcare in a lot of these situations are solid practices and policies, combined with efficient and manageable technologies to help secure the assets of a health network.  Assets that could include your personal information.

photo credit: sean dreilinger via photopin cc

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU