Cybersecurity for the Healthcare Industry: How to Stop Criminals Going Undetected in your Software


Cybersecurity is an industry of growing importance to businesses worldwide. According to DCMS’s Cyber Security Breaches Survey 2021, nearly 40% of UK businesses were hit with some form of cyberattack in the first quarter of 2021. In addition, the Ponemon Institute (working with IBM) found that organisations hit by a data breach spent an average of around £2.9 million per incident.

This data proves that the cost of a cybersecurity incident can be drastic and gives us insight into another disturbing fact: cybercrime is highly profitable for the criminal groups, lone wolf actors or nation-state groups who engage in malicious activity.

It also highlights the importance of using appropriate measures to mitigate cybersecurity risks. For browser security, finding the best Firefox VPN, or similar products, can be a useful first step towards protecting staff and the wider organisation.

Cybersecurity in the healthcare industry: Why does it matter?

This cybersecurity data paints a particularly worrying picture for the healthcare industry. In part, cybercrime is such a profitable area because of the value of data. If a threat actor can access the sensitive data held by an organisation, they can sell this data via mediums such as the dark web or ransom this data for a sizable profit. We have already seen attackers using this tactic to specifically target healthcare organisations. For instance, in May 2021, the Russian-based APT group, Conti, targeted the Irish healthcare system with a ransomware attack. Consequently, patients were left unable to access critical services, and the service was still recovering four months later in September, according to the BBC.

This ransomware attack was not an isolated incident. According to the website Chief Healthcare Executive, a November 2020 Healthcare Information and Management Systems Society survey indicated that 61% of respondents had seen non-emergency clinical care disrupted by a cyberattack, and 28% had seen emergency services disrupted. The fact is, cybersecurity incidents at healthcare facilities can represent a serious and real risk to life.

Like other industries such as financial services, healthcare is an attractive target for criminals for one reason: monetary benefit. Healthcare data, if harvested and stolen by a cybercriminal, is among the most sensitive PII imaginable. Furthermore, another reason this data is so valuable is that a leaked medical record cannot be “replaced” in the way a compromised credit card can. The leaked information is not ephemeral in nature. This is why the payout for leaked medical records is significantly higher for bad actors. Take a second to imagine what you would do if someone threatened to make your health records public. Imagine this combined with the associated corporate woes if a healthcare provider made thousands or millions of people’s medical records public. The legislative punishments, and associated lousy PR, mean the industry is ripe for blackmail, both on a personal and corporate level. Additionally, the cutting-edge technology used and developed by some medical facilities also makes the industry an extremely appealing area for intellectual property theft.

The solution: Securing the software

The solution to this aggressive healthcare threat rests within the software used by the organisation. Software is the engine that powers much of our lives inside and outside of work, and vulnerabilities in it serve to empower bad actors. According to multiple sources, in 2021, over 28,000 vulnerabilities were reported in various vulnerability databases. These vulnerability numbers are significantly higher than in previous years (18,362 in 2020, 17,382 in 2019, and 17,252 in 2018). What is even more concerning is that 5,800 of these remotely exploitable vulnerabilities have exploits widely known in publicly available databases, making them active, actionable, and increasingly dangerous.

When faced with this volume of vulnerabilities, an enterprise cannot expect patching to be a practical mitigation. The current approach to protection, which relies on probabilistic behavioral methods, looks to detect and then respond to threats, and so allows bad actors to dwell inside a corporate network. At that point, they can move laterally and manipulate a piece of software to their nefarious ends. The best and most concerning example of this is the SolarWinds hack, where bad actors lay dormant in the network for months. They were able to compromise the software so thoroughly that it had to be rebuilt from the ground up, with SolarWinds’ reputation, from a security perspective, unlikely to ever recover.

An alternative: Deterministic Protection

A cybersecurity solution for the healthcare industry that offers Deterministic Protection capabilities prevents a bad actor from taking control of the victim. It works by precisely detecting in milliseconds when software execution deviates from the developer’s intentions. This paradigm for detecting attacks reduces Mean Time To Protection (MTTP) to near zero, even for a zero-day vulnerability, irrespective of the attacker’s ability and sophistication. Additionally, it prevents any file-based, file-less, or memory-based malware from executing even a single instruction. Such a cybersecurity solution does not impair the end user’s experience, does not require source code, and certainly does not need signatures or threat feeds.

Conventional security solutions such as EDR do not track the application’s intent granularly at runtime, and therefore, sophisticated bad actors fly under the radar with ease. Much to the detriment of the end user, such cybersecurity products cannot assure near-zero MTTP. Instead, they look to match patterns of past successful attacks.

For healthcare organisations, protection within milliseconds effectively prevents loss of reputation, revenue, and confidential patient data and, most importantly, could be the difference between a life saved and a life lost.

By Satya Gupta, founder and CTO at Virsec