Cybersecurity in the health sector: a race for protection and prevention

Cybersecurity in the health sector: a race for protection and prevention

Carlos Gómez SonicWall, health, cybercrime, Cybersecurity, Sales Engineer for South America, SonicWall, tells us health organizations can confront cybercrime with the implementation of practices and policies that allow them to anticipate the worst scenarios in the face of a cyberattack.

As efforts for vaccination programs advance, cybercriminals continue to develop new strategies to make their attacks increasingly effective and profitable.

Proof of this is the growth of ransomware attacks (information hijacking), which reached a record number during 2020 with an increase of 62% compared to the previous year.

Specifically, according to a recent SonicWall Threat Report, the number of healthcare ransomware attempts increased by 123%, making it the focus of more targeted attacks.

Along with the ransomware attacks, the use of cryptocurrencies as an exchange rate for payment for hijacked data increased, thanks to the fact that it offers the facility to carry out transactions without leaving traces.

Added to this mix of threats are new breaches of critical patient data (medical history, credit information, etc) that affect both sides of the coin; On the one hand, they put the reputation and resources of medical centers at risk by forcing them to pay ransoms to prevent the stolen information from being leaked and commercialized, and on the other, expose the privacy and valuable information of patients.

In recent months, the COVID-19 vaccine supply chain called ‘Cold Chain’, which is essential for transporting vaccines and delivering them in optimal conditions, has also turned out to be the focus of attacks.

The complexity of the supply chain represents more potential access points for cybercriminals to wreak havoc. Whether it’s disrupting the shipping process, shutting down the huge freezers needed to keep vaccines cold, or hacking into supply chain systems, the result of malicious intrusions can drastically disrupt the entire distribution process, putting lives at risk.

Prevention and protection to face cybercrime

As medical centers do through their health prevention programs, organizations can confront cybercrime with the implementation of practices and policies that allow them to anticipate the worst scenarios in the face of a cyberattack. Some of these are:

1. Raise awareness in your remote and on-site workforce – Better awareness will reduce the chances that staff will download suspicious documents or click on malicious links.

2. Safely and efficiently connect your remote workers, allow only the services and applications they need to open, implement policies and practices for the safe use of mobile devices and BYOD for the remote workforce.

3. Avoid credential theft – Having strong passwords will reduce the chances that attacks will spread through your systems. Implement multi-factor authentication, today it is easy to use mobile applications with dynamic password managers and/or fingerprints.

4. Update the security in servers, personal computers and laptops with modern and advanced prevention techniques: The traditional antivirus of your PC has evolved ostensibly towards a dynamic protection of threats without the need to have successive online updates to improve the security of your organization.

Remember that the principles of prevention and protection are not exclusive to the health industry, but can be applied to different areas, and as in the case of cybersecurity, prevention is better than cure.