To help healthcare providers stay on the defense, we've compiled a two-part series on cyberattack preparedness. Part I covered common personnel targets, emerging attack tactics like smishing, how to report an attack, and a recap of current industry breaches. Now, part II sheds light on four additional HIT security insights for healthcare leaders.
- Stay wary of WannaCry- It's been two years since WannaCry first emerged as a ransomware cryptoworm tactic. While many think that WannaCry is in the past, 40% of healthcare organizations have suffered a WannaCry attack just in the last six months, according to an Armis security report. Even if WannaCry did not activate against a hospital, the organization and its data are not in the clear. Vulnerabilities still exist if leaders fail to address network patching or device inventory gaps.
- Maintain device management- As healthcare facilities expand in the competitive market, device management is increasingly cumbersome. With growing enterprises of differing device generations, organizations must keep track of new, legacy, misplaced and suspicious device activity and access. Unmanaged devices project a massive target to hackers. When employees transition or leave the organization, inventory and follow up with all device accesses.
- Prepare for the Windows transition- Approximately 70% of healthcare organizations operate on Windows 7 or older platforms. With Windows 7's extended support ending in January 2020, these organizations will be left with significant security vulnerabilities if they do not transition to Windows 10. Software will still run, but there will be no software updates, including security updates, from Microsoft. Time is running out for transition.
- Defend against Bluekeep- Speaking of outdated Windows platforms, a new device vulnerability recently emerged. Though originally projected to impact 7 million, now almost 1 million Windows 2003, Windows 7, Server 2008 and XP systems are susceptible to Bluekeep, a remote desktop protocol (RDP) terminal services flaw that enables malware proliferation similar to WannaCry. To combat, healthcare organizations should apply Window's emergency patch response to any Windows XP, Vista and Windows 7 desktops and servers. Address each individual device at risk, considering the information, especially login credentials, that could be exploited from it. Limit the number of users who can log into a system using a RDP.
Though WannaCry emerged two years ago, its damage to the healthcare industry and influence on emerging cyberattack tactics continues today. Stay cognizant of new cyber threat variations, while maintaining continuous employee education and enforcing clear cybersecurity policy.
