How healthcare institutions can guard against ransomware
Nathan Vega, Vice President, Product Marketing & Strategy, Protegrity, shares how healthcare institutions can defend their data in the face of ransomware attacks.
Much like how mechanics are not experts in data protection, it is difficult to expect healthcare providers to be adept in cybersecurity, says Nathan Vega, Vice President of Product Marketing & Strategy at Protegrity. Nevertheless, cyber threats are real and imminent.
Vega discusses the key vulnerabilities surrounding healthcare institutions and how organisations can guard against them.
The threats facing the healthcare industry
The healthcare industry is an exceptionally lucrative venture for hackers to extort payment on multiple fronts.
Firstly, they can demand a ransom by threatening to shut down important operations. Next, they can threaten to leak the personal health information of patients to ask for a higher ransom. Healthcare providers hold “some of the most sensitive data on the planet”, says Vega.
Finally, they can threaten patients directly and demand payment from them as well. This happened to Finnish mental health firm Vastaamo, where hackers threatened to leak individual patients’ treatment records unless they each paid the ransom of €200 (US$217), reported The Guardian.
“The reason that ransomware is so diabolical is that they can get into your business in so many different ways,” adds Vega.
Healthcare institutions are inherently vulnerable as they have complex data networks, he says. A set of doctor’s notes will need to go to the billing teams, other doctors, insurance firms, and more. This increases the likelihood of inconsistency and mistakes, he explains.
Hospitals are also home to thousands of smart devices, from respirators to card readers on doors. These devices are inherently vulnerable as they are not built with security in mind, wrote GovInsider. This creates another opportunity for hackers.
Hospitals also tend to have understaffed IT and security teams, he adds.
The need to protect data
“The key is protecting personal health information,” shares Vega. “That would at least eliminate the most expensive part of a ransomware attack, which is if sensitive data is taken.”
A centralised data policy can help. For example, organisations could mandate that a patient’s national identification number should always be protected. Protegrity’s security programme can then identify national identification numbers across the organisation’s data and protect them.
Next, Protegrity decentralises enforcement of this security by making their protection programme available across different devices, software, and departments. The final part is to customise a data protection solution for the organisation’s data needs. Some data will need to be encrypted, and others tokenised.
In the former, data is obscured but can be deciphered with a key, even without access to the original data. Meanwhile, the latter creates an irreversible placeholder for the data, which cannot be deciphered unless the original data is present.
This means that a breach of tokenised data will not compromise the original sensitive data, which can be stored elsewhere.
Protegrity’s tokenisation software uses an algorithm to decode the tokenised data rather than relying on manual data matching with the original database. This means that while data remains secure, work can still run smoothly as data can be decoded rapidly at any time for authorised users.
This is especially important for future security, adds Vega. There are concerns that the rise of quantum computing can break through encrypted data via brute force, he notes. But Protegrity’s tokenisation software is naturally resistant to the abilities of quantum computing as the values are random.
Protegrity’s data protection solutions can protect healthcare organisations for the long haul, he says.
How to protect against ransomware
Besides data protection, healthcare institutions also need to have good malware detection, Vega emphasises. This will help organisations detect ransomware attacks and shut them down, he says.
Antimalware programmes can use AI and machine learning to detect sophisticated malware. It’s similar to language processing, he explains. When a phone is translating speech to text, it is able to detect words even if people have slightly different accents and pronunciations.
Malware is always changing, so we need to have tools that are “flexible and adaptable”, Vega highlights.
It is also important to back up and restore data. This way, if an organisation is infected by ransomware, it can simply wipe the infected data and use the backup instead, Vega adds.
Additionally, organisations need to update and secure their operating software. Teams should “prioritise how and where they're going to update their systems,” says Vega.
These measures will remove the biggest threats that come with ransomware, he explains. It protects patient health information, defends against operation downtime, and helps organisations recover quickly if attacks were to occur.
Data protection and malware detection are to cybersecurity like vaccines are to a disease – they improve resilience and amp up fighting power. Having the right policies and tools in place can help them boost their security.