In 2021, hospital systems have been under pressure while facing the combination of COVID-19 cases and ransomware attacks. Ransomware attacks are not new in the health industry. However, this year was the first time that these attacks caused real patient harm, according to a study by the United States’ Cybersecurity and Infrastructure Security Agency. Why is this the case?
This is because hospitals were already at capacity while fighting COVID-19 and they did not have additional resources to spend fighting ransomware attacks. An example of the deadly combination of ransomware and COVID-19 was seen at the University of Vermont Health Network. After being hit by a ransomware attack, they were left unable to access any kind of health record for a month. This delayed critical patient services like cancer screenings and chemotherapy. This is the first time we’ve seen patient care impacted by a ransomware attack.
Patient data is rich with PII data and it’s why attackers target healthcare systems. The potential bounty of data is invaluable to hackers and therefore makes these systems a prime target. Healthcare connectivity and interoperability between systems and applications is difficult. Due to the legacy approach, traditional IAM stacks are deployed. Healthcare organizations need to address rapid change and increasing risk managing limited resources and budget shortfalls.
To mitigate these attacks and problems, healthcare organizations must focus on the digital transformation of core processes, including securing and streamlining the access protocols required for healthcare workers. These processes need to be accurate and fast while not impeding patient care. Investing in technologies where hospitals eliminate passwords and verify the identity of users logging in to minimize the threats from data breaches, ransomware, phishing, and fraud are a key step into the future of healthcare security.
2. A B2B article on what measures a modern hospital should take up in 2022, The opportunities and the challenges faced by the hospitals 2021
Ransomware attacks have posed major threats to hospitals in 2021 as more cyber criminals target critical infrastructure. Many organizations combat these attacks with email security training and implementing multi-factor authentication. Neither of these solutions solves the real problem with ransomware which is not knowing who is actually on the other side of the digital connection.
To prevent ransomware attacks in 2022, hospitals should bring identity-based authentication into the security infrastructure to protect privacy while increasing user satisfaction. In practice, this looks like replacing login credentials (i.e., usernames and passwords) with digital identity.
At 1Kosmos, we call this next-generation multi-factor authentication with biometrics. This prevents data breaches and ransomware attacks by eliminating the threat of credential compromise. By implementing identity-based authentication, organizations can prove identity at every login and move your organization towards a zero-trust environment.
Digital identities are user-managed and come with many security benefits including prevention of account takeover and reduced risk of personally identifiable information (PII) related breaches. Also, replacing passwords with biometric MFA increases user satisfaction. To eliminate the risk of ransomware, it’s not enough to simply train your employees to spot phishing emails. We must stop hoping for the best with password-based systems and embrace identity-based authentication to strengthen organizational security.
Robert MacDonald, Vice President Product Marketing at 1Kosmos
(DISCLAIMER: The views expressed are solely of the author and ETHealthworld.com does not necessarily subscribe to it. ETHealthworld.com shall not be responsible for any damage caused to any person/organisation directly or indirectly.)