Cyber hygiene is essential to help prevent unauthorised access to networks, systems and devices to ensure patient safety isn’t compromised by hackers tampering with equipment or altering treatment settings.
Ransomware attacks account for more than half (54%) of cybersecurity threats in the health sector. That’s according to a new report by the European Union Agency for Cybersecurity (ENISA) which has carried out detailed analysis of more than 200 cyber-attacks in Europe over the last two years.
Hospitals, in particular, bore the brunt of the attacks accounting for four in ten (42%) breaches, while health authorities (14%), and the pharmaceutical industry (9%) were also targeted.
According to the report, ransomware — malicious software that blocks access to computer systems until money is paid to unlock the data — emerged as one of the primary threats.
Worryingly, it revealed that the healthcare sector appears to be underprepared for an attack with only a quarter (27%) of organisations having a dedicated ransomware defence programme to mitigate risk.
Vulnerabilities can include attacks on healthcare supply chains, service providers, healthcare management systems as well as connected medical devices.
And with so many medical devices now connected to the internet, these are particularly susceptible to cyberattacks.
The importance of cyber hygiene in healthcare settings
Cyber hygiene is much like clinical hygiene in that it focuses on regular maintenance to avoid unnecessary risks. Cyber hygiene refers to the protocols needed to maintain good cybersecurity and protect digital assets, systems, and data from cyber threats.
Not only is it important to protect valuable data, but it’s also essential to ensure the smooth running of IT systems that keep hospitals and other clinical settings operating smoothly. Without it, the risk to healthcare services can be devastating.
Last year, for example, the NHS in the UK was disrupted by a cyber attack that impacted patient care and left medical staff being forced to revert to pen and paper instead of using digital records.
In early March 2023, a hospital in Spain — the Hospital Clinic de Barcelona — was hit by a ransomware attack which crippled the centre’s computer system and forced clinicians to cancel operations and appointments.
Later that month, it was reported that the Saint-Pierre Hospital in Brussels was targeted causing a widespread outage throughout the hospital which led to major delays in operations and an emergency room being shut down for a few hours.
The lessons from this are clear. Protecting systems from hackers and other bad actors requires constant vigilance and action.
What are cyber hygiene best practices?
To protect and maintain your IT systems and devices, it’s important to implement cyber hygiene best practices. The following list provides a solid foundation to build upon:
Maintain an IT asset inventory
Healthcare IT teams need to locate and classify all the assets they have on-premises or in the cloud, where they’re kept, and who has access to them.
Maintain complex passwords
Complex passwords that are changed regularly are a strong first line of defence against an array of security threats. Multifactor authentication (MFA) — which requires users to identify themselves with a second form of verification, such as a thumbprint or numerical code — adds an extra layer of security.
Regularly update software
Poor patch management is an open-door for cybercriminals. Operating system and application patches must be applied regularly and promptly to mitigate the risk of malware breaching networks. A strong patch management system is one of the best defences against data breaches and other security incidents.
Control admin privileges
As high-level administrative privileges pose one of the biggest security risks in any organisation, it’s important to give admin-level access to programs and systems only to those who need them.
Regularly back up data
Backup procedures should be performed on a regular schedule and verified to confirm their integrity. It’s also important to regularly test the restoration process to make sure it works correctly.
Manage outdated systems
Outdated systems — hardware and software no longer supported with security patches and updates from their manufacturers or developers — pose a greater security risk and should, therefore, be retired from use.
Implement an incident response plan
Healthcare organisations should have an incident response plan — that is tested regularly — to mitigate the damage and minimise the downtime from an attack.
Following these cyber hygiene best practices will go a long way to helping to protect vital healthcare systems and networks. But it also means regular employee training to ensure awareness. Especially since it’s worth noting that staff clicking on a malicious link is still the main way into networks for attackers.
After all, healthcare employees play a vital role in maintaining cyber hygiene. And regular training and awareness programmes help staff identify phishing attempts, secure their login credentials, and understand the importance of adhering to cybersecurity policies.
And it’s important that this doesn’t just apply to staff directly employed by hospitals. Vendors and other third-party providers should also be encouraged to practise good cyber hygiene to prevent potential vulnerabilities introduced through third-party connections.
Ultimately, cyber hygiene involves assessing and managing risks proactively rather than waiting for an incident to happen. Conducting regular security audits, vulnerability assessments, and risk evaluations allows hospitals to identify weaknesses in their cybersecurity posture and take corrective actions.
By Kieran Bamber, UK Healthcare and Local Government Lead at Tanium
