The shockingly sorry state of Healthcare and how cyber attackers are making it worse

Hospitals are already stretched thin, caring for a surging population of coronavirus-hit patients. On top of that, healthcare institutions are being pushed over their limits with cyberattacks and digital scams.

Among the many damaging attacks being inflicted on hospitals, the worst ones are by far ransomware attacks, which can cause entire hospitals to shut down until they pay a fee sometimes reaching up to a million dollars.

Such an attack led to the shutdown of all computers at the Champaign-Urbana Public Health District in Illinois for three days in March. It compelled the district to shell out $300,000 in ransom payments.

Another similar attack shut down computers at the Brno University Hospital in the Czech Republic, after which the hospital had to start turning away new patients that were in critical condition from the deadly novel disease.

In yet another instance, hackers broke into the IT infrastructure at Hammersmith Medicines Research, a London-based company that performs clinical trials for new medicines. The company was in communication with other firms about potentially testing a vaccine as the COVID-19 crisis was just taking hold in the UK. The hackers used encryption to lock down thousands of patient records and threatened to publish them online if a ransom wasn’t paid.

These attacks are part of the surge in hacks and scams prompted by the coronavirus situation and aimed at leveraging people’s confusion and fears about earning money. They are more effective in hospitals where physicians are busy working to combat the pandemic. As they are often under a lot of stress, the logic telling them not to click a link might be ignored under these circumstances.

Steps for healthcare organizations to make them more cyber resilient

Even before the pandemic struck, hospitals have been a meaty target for hackers because they can’t afford to go offline even for a short period of time, naturally making them more susceptible to ransom demands.

Healthcare providers, just like other employers, are also at a higher risk because their non-essential staff are working from home. This means they are using their personal devices, which might not be as secure as the institution’s internal infrastructure.

Therefore, the first step we encourage hospitals to take is to learn how to secure their remote workforce during this trying situation.

Attacks on healthcare systems lock down computers that contain electronic medical and health records, restricting doctors from accessing information about their patient’s medical histories, dosages of drugs advised, and so on.

The ramifications of such attacks, especially during this pandemic, can be devastating. Casualties that would not normally occur could happen, given the large number of ransomware attacks that are spreading rampantly.

Attackers are using phishing links to lure hospital staff to click on them and download malware or ransomware on their devices. Under these circumstances, it is essential for healthcare institutions to improve their cybersecurity posture so they can ward off the known as well as the unknown threats.

Recently, Microsoft announced it will offer healthcare providers free access to an advanced security system called AccountGuard. Through this service, Microsoft will closely monitor email traffic and other avenues that hackers commonly use to intrude critical infrastructures. Microsoft will then alert organizations about any hacking efforts by criminal groups and nation-states.

Healthcare institutions are heavily affected by cyber attacks

Our Offer and Open Solidarity

At TEHTRIS, we also recognize the need for healthcare providers to have better IT security. Therefore, as part of the #Open_Solidarity initiative with OVHcloud, TEHTRIS is making its Endpoint Detection and Response platform freely available to hospitals around the world.

It’s high time that #TEHTRISsecuresHealthcare!

Read our previous post to learn more about this offering.

Here’s how TEHTRIS XDR works for this offering:

  • Layer 1 lies inside the hospitals. The IT staff at each hospital simply needs to deploy the TEHTRIS EDR agent for free on all PCs that should be protected.
  • Layer 2 lies in our cloud. The TEHTRIS EDR agents from Layer 1 connect back to the managers, which are essentially TEHTRIS EDR Virtual Machines (VM) for hospitals. This approach is scalable and we can add as many dedicated Virtual Machines as needed.
  • Layer 3 lies in the TEHTRIS XDR Platforms situated in the cloud infrastructure provided for free by OVHcloud for this mission.
  • Layer 4 lies with our specialized TEHTRIS SOC team that monitors networks and other endpoints. They continuously analyze data against attackers to take action steps early on in case a breach is detected.
  • TEHTRIS SOC uses native tools from the TEHTRIS XDR unified console like dashboards and hunting tools.
  • Layer 5 lies with our TEHTRIS CERT team that shares important information like monitoring data to the trusted CERT community worldwide, so that others can learn about ongoing trends, flaws and wins.

Through this offering, TEHTRIS pledges to safeguard your data and systems from malicious attackers. The healthcare system is currently under a lot of pressure. We want to make this less challenging for healthcare providers by taking this single task off their shoulders.

This is our chance to take on the urgent need to secure healthcare systems. We all know that these critical infrastructures have a high impact on human life, both positive, and if tampered with, negative.

We are in a time where international order is unstable and national healthcare systems are under deep pressure.  It is therefore of utmost priority to secure the healthcare systems around the world. 

There are many organizations, including ours, that are doing their part to protect those systems and help support the lives of others now and forever.

Share this article with someone in a healthcare institution’s top management, or with a doctor you know, that is fighting the coronavirus and may be facing cyber threats.

Allow us to fight the digital viruses so that you can fight the coronavirus.