March 13, 2024 at 10:45AM
Ransomware attacks on the healthcare sector continue and are unlikely to decrease due to the industry’s susceptibility to exploitation. The sector’s reliance on diverse OT devices controlled by IT systems over WiFi, coupled with challenges in patching and device management, poses a significant security risk. Segmentation is recommended to mitigate the impact of potential breaches.
Based on the meeting notes, the key takeaways are:
1. Healthcare remains a primary target for ransomware attacks due to the industry’s susceptibility to exploitation, low tolerance for disruption, and strong incentive to quickly resolve extortion attacks.
2. The healthcare sector suffered 249 reported ransomware attacks in the past year, indicating its vulnerability to cyber threats.
3. Vulnerability patching poses a challenge for healthcare due to the large quantity of disparate OT devices, the complexity of patch certification programs, and the prevalence of unsupported OSes on medical devices.
4. Compounding the issue is the length of time it takes to gain FDA device certification, which may hinder the timely implementation of patches for medical devices.
5. Patient privacy and safety are at risk due to vulnerabilities in medical devices, potential threats to patient privacy and life, and the large number of third-party individuals (such as patients) who interact with medical devices.
6. The complexity of mitigating security issues, promoting security awareness among staff, and the intricacies of patching and onboarding new devices contribute to the challenge faced by healthcare defenders in ensuring complete and continuous cybersecurity success.
It is recommended to implement network segmentation to isolate connected medical devices from corporate networks as a paramount strategy to limit the impact of potential device compromises within healthcare networks.