- Get link
- X
- Other Apps
- Get link
- X
- Other Apps
Cyber criminals target not only the private sector but also critical infrastructure organizations such as hospitals. When it comes to IT security in hospitals, it is important to react specifically to specific challenges. It is not for nothing that the Federal Office for Information Security (BSI) warned in its management report on IT security against a lack of caution and possible consequences. Try our free antivirus to combat cybercrime.
Prominent Cases
Just recently, the BSI's management report clearly demonstrated
that hospitals are interesting targets for attackers because of their social
relevance and specific work processes. No area of the critical
infrastructure has sent more reports to the BSI than the health sector (they
are legally obliged to do so in the event of IT disruptions). Among the
top reasons for reporting: technical failure of the systems and cyberattacks
that were tailored to the employees.
1.
Ransomware Suspends Emergency Operations
The ransomware attack on the
University Hospital in Düsseldorf will be known in September 2020. The aim
of such an attack is always to extort a ransom for the release of the systems. The blackmail Trojan that was smuggled into the Düsseldorf
University Hospital encrypts
30 servers and not only paralyzes the IT systems but also the emergency
operations for 13 days. Although encryption is removed quickly, it takes
just under two weeks for all systems to be restored and secured. Particularly
dramatic: This lengthy process means that urgently needed emergency care
cannot be offered. The
trip to a hospital in Wuppertal that is much further away costs a woman her
life.
2.
WannaCry Cripples Medical Devices Around the World
Cyber attacks on a hospital
are so problematic not only because of the risk of data loss or misuse. The
safety of patients can be specifically threatened. In 2017, the well-known
ransomware WannaCry paralyzed dozens of clinics and other healthcare
facilities. Patients are referred to the emergency room, the treatment of
cancer and heart patients has to be suspended due to a lack of digital data. The Internet of Things is becoming more
and more normal in hospitals as well: Many medical devices are
connected to and with each other via the Internet. In such cases, the life of the person to be
treated is specifically at stake, when cybercriminals gain
access and control the entire network.
These Challenges Have to Be
Mastered
1. Sensitive Health Information
The hospital has very sensitive
health data. Patient files and the like are recorded, processed, and passed
on within the hospital information system (HIS). Under no circumstances should these
fall into the wrong hands. However, ensuring data
protection is becoming increasingly complex due to the digitization of the
healthcare system, e.g. in the form of electronic patient files. All
employees who use the hospital information system must be made aware of attack
scenarios and trained.
2. Internet of Things (IoT)
Digitization in hospitals does
not end with electronic patient files. Many medical devices for monitoring
and examination are now connected to the Internet and also to one another via
the network. They often run on different operating systems
and thus have specific security settings. Securing these complex,
networked systems against enemy intrusion is an ongoing process that takes a
lot of time and money.
3. Little Time and Capacity
Working in a hospital involves
time-sensitive issues and assignments. At all levels of the hierarchy,
from the chief physician to the administrative staff, there is just a
calculated amount of time available for the individual concerns of the
patients. The high level of exposure and stress fueled even further by
COVID 19, require less prudent handling of IT systems. Urgent
employee training courses that are precisely tailored to this need are often
not yet on the agenda.
4. Outdated IT Infrastructure
To guarantee the
security of IT, both employees and the infrastructure must be resilient. Many
of the systems run around the clock, making changes and updates more difficult. Accordingly,
backups are also rarely created. This can result in security gaps and
in the event of a security incident it takes a long time to restore the systems. Finally,
there is also a lack of money to replace outdated software with a more secure
version. In many hospitals, the rule of thumb is "don't change
anything while it's still running."
Also, do not forget to try our free antivirus.
- Get link
- X
- Other Apps
Comments
Post a Comment