Cyber security for a digital-first health service

30th January 2019

Simon Whitburn
Senior Vice President Cyber Security Services

Despite major ongoing challenges, the UK’s healthcare sector is a world leader. We tend only to hear about the NHS in the news if something has gone wrong. In fact, in 2017 it was ranked the “best, safest and most affordable” healthcare system of 11 wealthy nations. But cyber threats remain a serious risk to stretched finances, patient welfare and reputation. WannaCry cost the health service £97 million and led to an estimated 19,000 cancelled appointments and operations. As systems become more digitised, they will become even more exposed to online attack.

The bottom line is, if healthcare bosses want to create a secure platform on which to drive much-needed digital transformation, they should look no further than the Domain Name System (DNS).

Going digital

It’s hard to generalise about the organisations that comprise one of the world’s largest employers. But it’s true that most IT systems have expanded organically over the years meaning modern and legacy technologies often sit side-by-side. Although a new deal will see Windows 10 rolled out across the health service by 2020, some estimates claim as many as 60% of NHS organisations still use Windows XP. Yet on the other hand, many trusts are accelerating efforts to go paper-free by digitising patient records.

But in digitising, we also offer opportunities for hackers to steal those records. How could they do this? By exploiting vulnerabilities in those operating systems, or even in healthcare workers themselves. The NHS has a large, mobile workforce operating under tremendous pressure. That makes it much easier to trick distracted users into clicking on a phishing link in an email or opening a malware-laden attachment. NHSmail hosts around 1.2 million accounts: that’s a lot of potential victims.

Newly connected IoT devices could also represent a risk. Yes, smart beds, drug infusion pumps and other devices offer hospitals an opportunity to become more efficient and cost effective, and offer a higher quality of patient care. But if left unpatched and unprotected, these systems could also provide a ready-made entry point into the hospital network where patient data is stored, or could even be hijacked themselves or locked down with ransomware. One report claims that nearly a third (30%) of trusts have been affected by ransomware.

The bottom line

So what’s the potential impact of cyber threats on healthcare organisations?

Financial: IBM claims that globally, the average cost of healthcare records ($408) is higher than any other industry. That’s not to mention the cost of ransomware outages or regulatory fines.

Reputational: Any major attack or breach could impact the organisation’s reputation, potentially leading to job losses at the C-level.

Patient care: As WannaCry showed, threats in the online world have the potential to impact the physical world. This will only grow with the expansion of the IoT.

Regulatory: The GDPR both expands the scope of personal data HCOs need to protect and introduces tough new penalties for non-compliance of up to £17m or 4% of turnover. Security must be built into systems “by design and default” and any breaches must be reported within 72 hours.

Time for DNS-based security

Given the risks facing healthcare firms, effective cyber security is clearly a must. But how many organisations have thought about plugging in security defences into their DNS layer? The DNS is known as the “phone book of the internet” — converting domain names to IP addresses so internet-connected machines can communicate with each other. Because it’s a vital part of any organisation’s IT infrastructure, it’s often left running in the background, without any firewall protection.

This is a mistake. Hackers have a wealth of techniques at their disposal to utilise design “flaws” in the DNS to launch phishing attacks, malware, communicate with infected machines and steal data from your organisation. It’s time we focused on this layer with effective security, because with the right approach, DNS can also provide a fantastic early-warning system for attacks — allowing you to detect and block threats before they can make an impact.

That’s what Nominet provides to healthcare organisations via two offerings: NTXprotect and the fully managed service, NTXsecure. By monitoring outbound traffic for the smallest signs of malicious activity, they can protect your network against command-and-control malware, phishing, botnets, cryptomining, data exfiltration and much more. What’s also powerful is the ability to negate those threats before they harm your users and systems.

That’s good news for your organisation, your patients and the bottom line.

Download whitepaper