Connect with us

Hi, what are you looking for?

Business

State of play: One year on from WannaCry ransomware outbreak

In a new report, global security company Trend Micro examines the areas of vulnerabilities and threats related to the healthcare industry. The intention of the report to help healthcare organizations understand, measure and mitigate their information security risks. This has been issued close to the anniversary of the global WannaCry cyberattack (which was covered by Digital Journal).

Through the research, Trend Micro has uncovered that a year later, despite additional resources being put into many healthcare systems, the scare of WannaCry may not have resulted in more secure healthcare environments. Instead the report finds that many critical systems and devices exposed, making them a potential target for another major attack.

The main findings from the “Securing Connected Hospitals” report shows how several systems are vulnerable, including device firmware attacks, and website, electronic health records and internal portal open to compromise. The report also identifies potential risk sources as being a mix of insider threats from hospital and vendor staff and applications provided by third-party vendors. With this second category, included in this are mobile health (mHealth) mobile apps, which is of concern given the extent to which this area is anticipated to expand over the next few years.

The types of malicious scams include source code compromise during manufacturing together with spear phishing from trusted email accounts. These threats lead into advice from Trend Micro as to what healthcare companies can to to prevent attacks. This includes:

Performing vulnerability assessments of new medical devices.
Ensuring that bring your own device (BYOD) programs should include authentication using Network Access Control (NAC) before allowing access to the network.
Only purchaing medical devices from manufacturers who go through rigorous security assessments of products during design and manufacture.
Developing plans for patching and updating code or firmware for devices implanted in patients and hospital medical equipment.
Performing risk assessments of all suppliers and vendors in the supply chain and do background checks on employees who have access to medical devices.
Performing security, vulnerability, and penetration testing to the hospital network and software to make sure they are safe from hackers.

In addition, the use of a firewall is important, especially when coupled with an effective antivirus and antimalware suite. Many antivirus software packages take the form of disc scanners, and these should be run regularly (ideally at a time when the computers are not in use due to the tendency to slow systems down).

One interesting part of the analysis related to Canadian healthcare organizations, which are called out as being especially vulnerable. This is because more than 79 percent of all exposed devices and systems in hospitals around the globe can be traced back to one hospital in Canada. Furthermore, Canada ranks 13 out of the 20 countries with the highest number of medical imaging information exposed. This suggests the importance of adopting both a global set of measures and avtivities geared towards national vulnerabilities.

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

World

Calling for urgent action is the international medical humanitarian organization Doctors Without Borders/Médecins Sans Frontières (MSF)

Business

The cathedral is on track to reopen on December 8 - Copyright AFP Ludovic MARINParis’s Notre-Dame Cathedral, ravaged by fire in 2019, is on...

Business

Saudi Aramco President & CEO Amin Nasser speaks during the CERAWeek oil summit in Houston, Texas - Copyright AFP Mark FelixPointing to the still...

Business

A recent article in the Wall Street Journal infers that some workers might be falling out of the job market altogether.