Report says IoT proliferation and insufficient access controls exposing healthcare systems to data theft
The proliferation of IoT devices in the healthcare industry, insufficient access controls, unpartitioned networks and a reliance on legacy IT systems is exposing a vulnerable attack surface for cybercriminals to target to steal personally identifiable information (PII) and protected health information (PHI), according to cybersecurity company Vectra.
The Vectra 2019 Spotlight Report on Healthcare indicates that in addition to data theft, the vulnerability could lead to disruptions in healthcare service delivery. Research by Enterprise Strategy Group shows 12 percent of enterprises have already extensively deployed AI-based security analytics, and 27 percent have done so on a limited basis.
Vectra monitored network traffic and collected metadata from more than three million workloads and devices between July and December 2018 through its Cognito threat detection and response platform. The company found that hidden HTTPS tunnels are the most prevalent method used by hackers of hiding command-and-control communications in healthcare networks, and that hidden DNS tunnels are the most common method of hiding data exfiltration behaviors. Vectra observed a spike in behaviors consistent with internal darknet scans and Microsoft Server Message Block account scans, which could indicate attacker reconnaissance. It also found that botnet attacks tend to be opportunistic, rather than targeted, and that incidents of ransomware infection declined in the second half of 2018.
“Healthcare organizations struggle with managing legacy systems and medical devices that traditionally have weak security controls, yet both provide critical access to patient health information,” says Chris Morales, head of security analytics at Vectra. “Improving visibility into network behavior enables healthcare organizations to manage risk of legacy systems and new technology they embrace.”
Pindrop announced plans to extend its voice biometric technology to IoT security, including for the healthcare industry, at CES earlier this year.