Cyber crime today is a big money business, costing the global economy an estimated $600 billion each year. Much of that money is made by stealing data from and holding to ransom healthcare organizations (HCOs). Hackers know that the rewards to be gained by targeting exposed IT systems are potentially huge. After all, this is a sector where spending increased to a staggering $3.5 trillion in 2017, and is still growing.
In this context, it’s perhaps no surprise that the healthcare industry comprised nearly a quarter (24%) of all breaches reported in the US in 2017. But there is an opportunity for IT security managers to regain the initiative and mitigate financial, reputational and regulatory risk — by plugging in defenses on the domain name system (DNS).
Healthcare in the cross hairs
Today’s healthcare IT systems are an awkward mix of old and new, legacy on-premise machines running potentially outdated software, and cutting-edge smart devices managing everything from drug dispensing to blood sugar monitoring. The advent of cloud and Internet of Things (IoT) technologies have heralded a new era of productivity, safety and improved patient service but also one of increased cyber risk. Critical operational technology (OT) systems like MRI scanners are often connected to IT networks with little more than rudimentary white-listing tools to protect them.
According to a national healthcare task force, most US HCOs face major resource constraints which further expose them to risk. Visibility into threats is so poor that many “may not know that they have experienced an attack until long after it has occurred.”
The bad news is that cyber criminals are more than capable of exploiting these shortcomings to their advantage. With electronic healthcare records (EHRs) virtually ubiquitous in HCOs, there’s no shortage of opportunities. In fact, over a million patient records were breached in just the first three months of 2018. These are highly monetizable on dark web forums, where scammers purchase them to commit various types of fraud.
Phishing is one of the most popular tactics used to effect data breaches. In fact, 7% of emails in healthcare are said to be malicious, with workers more likely than in many other industries to be duped. But it’s not the only threat: hospitals are also a major target of ransomware, because attackers calculate that that senior executives would rather pay a fine than risk a lengthy IT outage, which could affect patient wellbeing.
DNS-based cyber security: a new approach
DNS is often overlooked by healthcare bosses, but it could be the answer to tackling many of your security challenges. It’s a vital part of any organization’s IT infrastructure which converts domain names into IP addresses so that connected machines can communicate with each other. The DNS takes your employees to the websites, devices and apps they need to visit on the wider internet, and it helps external visitors to access your web properties.
Unfortunately, the DNS was not designed with security in mind, so it can be exploited relatively easily by cyber criminals. Even worse, because it’s always on and running in the background, many organizations have effectively left the door wide open to multiple threats: from malware and phishing to covert data theft.
The good news is that because of its central role in your internet infrastructure, the DNS also offers a great opportunity to detect and block threats before they’ve had a chance to impact the organization. Nominet brings decades of security experience to bear with its NTX platform, offering protection from command-and-control malware, phishing, botnets, cryptomining, data exfiltration and much more. It does this by monitoring outbound DNS traffic in real time and instantly detecting single malicious packets hidden inside vast quantities of legitimate enterprise data.
The end result? Industry leading DNS-based security that can reduce financial and reputational risk, ensure patients and their data are safe and keep regulators happy.
Our whitepaper examines why healthcare organisations suffer a far higher proportion of attacks than companies in other sectors and quantifies the specific problems facing the healthcare sector.