In the last few years, a large number of hospitals have been caught off guard by crippling cyberattacks. Because hackers are becoming increasingly sophisticated in their methods and healthcare administrators are struggling to keep up with emerging threats, hospitals are even more vulnerable.
“Hospitals are just sitting ducks. They are the golden target,” says Yotam Gutman, marketing manager at SecBi, a company that provides data and research on the global cyber industry.
In some cases, the hospital’s entire IT system has been held for ransom. Earlier this year, Princeton Community Hospital in rural West Virginia was hit by a malware attack from hackers demanding a ransom paid in bitcoin (a virtual currency). The attack paralyzed the hospital’s system, causing administrators to do all reports by hand while it rushed to reboot its entire network.
In other instances, hackers have seized private patient information. According to Gutman, a system at a plastic surgery clinic in the U.K. was once breached by someone who stole the facility’s information.
“If you have a hospital with a lot a wealthy patients, there are a lot of secrets,” Gutman explains.
Bottom line? It’s an issue hospitals shouldn’t run away from.
The bright side is that it doesn’t take an overwhelming amount of resources to protect your facility from an attack. In short, Gutman says it all comes down to “people, processes and technology.” And it does take a concerted effort from management. Here are Gutman’s tips to ramping up your cyber security defenses:
Give your IT department the resources it needs: Naturally, any well-functioning IT department needs a well-trained staff with the time to learn about and prepare for new threats. Allow IT staff to take the latest online tutorials or other training on security on a regular basis.
Raise awareness throughout the hospital: Along with a well-trained IT department, the entire staff also needs to be ready. All it takes is one employee opening an email from hackers to bring down an integrated system’s network.
“Post posters in different places and raise that awareness [about cyber security threats],” Gutman suggests.
Gutman says there are also companies that can help train employees by sending mockup cyber crime emails so that users can become more astute about what’s safe to click on.
Get the latest generation of cyber security products: “I think the healthcare sector as a whole needs to step back and evaluate the maturity of its cyber security readiness. If they are using old systems that cannot be patched anymore, they need to be upgraded to a level that can provide sufficient security,” Gutman says.
What’s more, hackers are becoming increasingly proficient at bypassing outdated malware software aimed at preventing attacks.
“You have to assume you will be compromised and then quickly try to identify the source of the breach and the impact,” Gutman says.
Gutman says that the latest and best cybersecurity technology relies on artificial intelligence and allows automation of most security processes. With the right system in place, even lesser-staffed IT departments can provide the protection the hospital needs.
(Main image credit: AP Photo/Pavel Golovkin)