Research by Infoblox, the network control company that provides Actionable Network Intelligence, revealed one in four UK healthcare IT professionals aren’t confident in their organisation’s ability to respond to cyberattacks.
Technology is booming in healthcare organisations with digital transformation policies leading to increased adoption of connected medical devices, big data analytics for faster and more accurate diagnoses, and paperless systems for the easy exchange of patient information.
As technology becomes more ingrained into core healthcare offerings, there is an increased threat of cyberattacks disrupting services, stealing sensitive patient data, and putting lives at risk. Infoblox commissioned a survey of UK and US healthcare IT professionals to gain a better understanding of whether the healthcare industry is adequately prepared to combat this evolving threat.
Infoblox’s report Cybersecurity in healthcare: the diagnosis reveals:
Ready for ransomware
Following the significant disruption caused to the NHS by WannaCry in May 2017, many healthcare organisations are preparing themselves for further ransomware attacks. One quarter of participating healthcare IT professionals reported that their organisation would be willing to pay a ransom in the event of a cyberattack. Of these, 85 per cent of UK respondents have a plan in place for this situation.
Dangerous operating systems
The number of connected devices on healthcare organisations’ networks is exploding, with 47 per cent of the large healthcare organisations surveyed indicating that they are managing over 5,000 devices on their network. One in five healthcare IT professionals reported that Windows XP is running on their network, which has been unsupported since April 2014. 18 per cent indicated that connected medical devices on their network are running on the unsupported operating system, leaving organisations open to exploitation through security flaws in these unpatched devices.
Patching outdated operating systems is impossible for the 7 per cent of IT professionals responding that they don’t know what operating systems their medical devices are running on. Even when the operating system these devices run on is known, a quarter (26%) of large organisations either can’t or don’t know if they can update these systems.
Investing against the threat
85 per cent of healthcare IT professionals reported that their organisation has increased their cybersecurity spending in the past year, with 12 per cent of organisations increasing spending by over 50 per cent.
Traditional security solutions are the most popular, with anti-virus software and firewalls the solutions most invested in over the past year, at 61 per cent and 57 per cent respectively.
Half of organisation have invested in network monitoring to identify malicious activity on the network; one third have invested in DNS security solutions, which can actively disrupt Distributed Denial of Service (DDoS) attacks and data exfiltration; and 37 per cent have invested in application security to secure web applications, operating systems and software.
Rob Bolton, Director of Western Europe at Infoblox said: “The healthcare industry is facing major challenges that require it to modernise, reform and improve services to meet the needs of ever more complex, instantaneous patient demands. Digital transformation presents a massive opportunity to support the doctors and nurses who work tirelessly – but these new technologies also introduce new cyber risk that must be mitigated. The widespread disruption experienced by the NHS during the WannaCry outbreak demonstrated the severe impact to health services that can be caused by a cyberattack. It’s crucial that healthcare IT professionals plan strategically about how they can manage risk within their organisation and respond to active threats to ensure the security and safety of patients and their data.”
The report includes a case study on how Geisinger Health uncovered malicious activity on its network and was able to quickly and accurately identify the offending device, containing the malware before it spread throughout the network.
Commenting on the event, Rich Quinlan, senior technical analyst at Geisinger Health, said: “In spite of all the conventional steps we take to protect our internal network, patient care could still be affected. We could have an entire hospital full of useless ultrasound devices because one was brought in with a virus and we have no control over them. And if it was able to exfiltrate data, we would have a compliance issue.”
The report also draws on the survey findings to provide actionable recommendations to healthcare organisation to better combat against the evolving cyber threat.