4 minute read
Healthcare Cybersecurity: The rise of ransomware
By Gbolabo Awelewa
Cybersecurity Awareness is spreading across the world with the rapid advancement of technology and the need to protect the data which they store and services provided. Cybersecurity is no stranger to both the public and private sectors such as Education, Oil and Gas, Transportation and especially Healthcare as long as technology and data is involved.
Advertisement
“CyberMed” a term coined to relate cybersecurity and the healthcare within the same ecosystem. The Healthcare sector has been a major target for malicious threat actors due to the data held by the healthcare sector and lack of implementing best security practice. The value of data healthcare organizations controls and maintain is of tremendous value to threat actors, from personal information, payment card data, healthcare insurance number and sensitive health information.
The monetary rewards are great with these bad parties. Unfortunately, data isn’t the only goal for a cybercriminal, operations in the healthcare is of major importance as this could hinder saving the life of a patient. Threat actors can brutely crumble the operations of healthcare organization by causing a denial of service, denying access to Hospital Management System (HMS), inventory systems and data retrieving application. Operations in the healthcare sector is technology and application driven for time management.
These operations are needed to identify, process, allocate patients in the everyday operations in the healthcare sector. Imagine being denied access to test results generated from test laboratory application, operations trickle down to every aspect of the healthcare sector.
Cyber criminals use a popular attack to achieve disruption of operational service in the healthcare sector as well as making needed data inaccessible. Ransomware attack is most common attack used by malicious actors against the healthcare sector. Threat actors deliver this malware into their target’s environment via
several means with the aim to encrypt all the files, demanding for a ransom to restore access to the files while in the process disrupting business operation.
Reports from Kaspersky identified Nigeria to have experienced the most cyberattacks with majority being ransomware and phishing in the year 2021 alongside Ethiopia for the highest cyberattacks post-covid year.
The Ryuk ransomware was a popularly known ransomware which targeted the healthcare sector globally in 2020, ever since there have been outbreaks of other variants of the ransomware as well as newly developed malwares modernized to bypass basic security measures. This is currently the half of the year 2022 and there are already two breakout exploits such as “Folina” which affected a lot of organizations in every sector.
In Nigeria, the CyberMed industry is known to have a large attack surface area for cybercriminals to exploit and take advantage off especially with the use of ransomware. This is due to the lack of applying the right security processes (and Controls) and aligning to a global and national cyber security standard for data protection.
Many healthcare organizations have been breached via business email compromise, phishing, malicious email attachments and vulnerable application. With the implementation of security practices such as endpoint security which is the use of Endpoint Detection and Response (EDR) solution or Extended Detection and Response (XDR) solutions, healthcare organizations can reduce their exposed attack surface as well as the use of other security technology such as firewall and email security gateways. Nigerian Data Protection Regulation (NDPR) was introduced 2019 by National Information Technology Development Agency (NITDA) to aid safeguard, regulate and protect against personal data breaches and ensure all Nigerian businesses in all sectors including the healthcare operate without business disruption caused from a cyber breach.
This regulation applies to all kind of transactions, healthcare organizations are subject to this regulation as it gives impetus to Section 24 of the National Health Act, 2014, which states “All information concerning a user including information relating to his or her health status, treatment or stay in a health establishment is confidential”. As at May 2021, Vanguard news reported the Lagos State Ministry of Health is adopting NDPR and push for healthcare organizations within Lagos to adopt as this will ensure trust of data privacy and protection as well as ensure organizations are implementing the right security practice to prevent and respond to a data breach from a malicious threat actor.
With the evident rise of cyberattacks especially ransomware in the healthcare sector, it is important healthcare organizations adopt NDPR and are compliant which in turn will ensure implementation of global security practice to secure their environment such as cybersecurity awareness training, the use of firewalls for perimeter protection of their external facing networks, EDR, XDR and proactive Monitoring solutions to close security gaps.
Also, the operationalization of standard cybersecurity policies and processes are very cost-effective measure to prevent against a Cyber or Ransomware attack. This will reduce the attack surface area exposed to threat actors which inline would reduce breaches and cyber incidents in the Healthcare sector.
