Hackers attack hospitals | Pentest7

Hackers attack hospitals |  ZDNet.de

There are increasing attacks on the common good and hospitals in particular are increasingly being targeted by hackers, explains Patrick Englisch, Director Technical Sales DACH at Veritas Technologies, in a guest article.

Many people have suffered from the consequences of the most recent cyberattacks against critical infrastructures (KRITIS). First Colonial Pipeline, then JBS, COOP and finally the district of Anhalt-Bitterfeld. In all of the examples, part of the basic services for the residents was undermined. The district of Anhalt-Bitterfeld is still almost unable to act and, among other things, was no longer able to pay out social benefits. The hacker attack damages the citizens in the district directly.

Cyber ​​attacks in which hospitals are successfully hacked are also serious. Here, too, the list of attacks is getting longer and longer: A particularly drastic case occurred in September 2020 in University Hospital Düsseldorfwhen cyber criminals corrupted and paralyzed IT systems. The result was that one patient could not be cared for in time and died.

According to Check Point Research, hospitals in Germany have been particularly targeted since November 2020, and cyberattacks against them took off 220 percent to. In comparison, the number of all other economic sectors combined rose by 22 percent. On average, the healthcare industry experiences 187 million attacks per month worldwide, which corresponds to approximately 498 attacks per month per organization.

More weight for cybersecurity

Like many other industries, hospitals have increasingly digitized their processes, which is why they are also more susceptible to attacks and need to be more secure. Cybersecurity has grown in importance in the healthcare industry, partly because new guidelines call for more commitment in this area.

Until the end of 2021, clinics and hospitals are obliged to strengthen and continuously review their IT security. It is not just about the growing threat from cyberattacks, but also about compliance with legal requirements. According to § 8a BSIG institutions in the healthcare sector are obliged to “appropriate organizational and technical arrangementsn “for IT security. Specifically, this means that from January 1st, 2022, the security measures of all hospitals must be based on the current state of the art. So that even smaller hospitals can protect themselves from hacker attacks, the Federal Social Security Office has set up a Hospital Future Fund (KHZF), which provides 4.3 billion euros for digital protective measures.

Although the health sector is highly regulated and it generally takes longer to introduce new technologies there than in other sectors, many critical work processes on the wards in the hospital have already been digitized throughout. All information that arises – from order forms to x-rays to cardiography – is digitally recorded on a date. It is therefore important for IT managers to have a precise overview of where which data is stored and stored. Often this is missing because data is scattered across various infrastructures and data silos and the data is stored in its own data structures. These in turn are backed up with their own isolated programs. The point solutions partially overlap or leave gaps in coverage that are only discovered when data has been corrupted or lost. Without a consolidated overall picture, there is therefore an increased risk of not being able to implement a restore promptly and in a requirement-related manner.

Fight against ransomware

It is essential to seamlessly cover all data in the hospital from the edge of the network through the central data centers to the cloud with a data protection solution. This not only gives those responsible a complete overview of the data in their entire IT infrastructure. You can back up and restore all data with the same high level of protection, regardless of the location, with less cost and less effort.

Thanks to a central data protection solution, it is also possible to implement an efficient and automated backup and disaster recovery plan that keeps the important applications highly available and at the same time allows highly sensitive data to be transferred through the backup infrastructure and onto the backup systems themselves encrypt.

Such a concept also helps to identify symptoms of an ongoing cyberattack with ransomware. When ransomware encrypts the data, it creates a load on the system and the data is visibly manipulated. This triggers two effects on the backup side: Instead of the usual two hours, the backup of this target suddenly takes six hours. In addition, the deduplication rate of the data sinks into the cellar. Deduplication compares the data in the backup with the production data at segment level and only backs up what has changed. It is clear that strongly encrypted files differ significantly from the plain form. This is a clear indication for IT teams to have a look at the target system. But every single point solution that secures a workload in isolation ultimately weakens the overall system and the ability to react. It is therefore crucial that the backup system supports all workloads, all clouds, all storage and data sources centrally and holistically.

The skills of hackers are becoming more sophisticated and targeted every year, and at the same time, thanks to digitization, new back doors are opening into the IT infrastructure. And the following applies: the more interesting and important data, the more lucrative the targets are for cyber criminals. Despite all efforts, it can be assumed that the attacks against hospitals will continue to increase.

A robust, consolidated and central backup system based on a resilient, hardened infrastructure can therefore establish the reliable last line of defense, where data can be reliably restored and any blackmail attempt will thus come to nothing.

Leave a Reply

Your email address will not be published.