By Patty Brogdon of NIKSUN

An alarming trend is happening all over the nation with hackers breaking into hospital networks and stealing valuable patient data. This multi-billion dollar problem is hitting New Jersey particularly hard. In fact, according to NJ.com, approximately one million patients at New Jersey medical facilities have been compromised thus far and that number is expected to grow. While human theft and misplacement of servers and other equipment do account for a portion of that amount, the greatest threats to patient privacy occur over the network.

Why Do Hackers Target Hospitals?

While attacks on banks and financial institutions have an obvious motivation (that’s where the money is!), attacks on hospitals just seem cruel. Hospitals are places where people go when they are in need of medical attention, served by the medical staff that is trying to save lives. Even in war zones both sides usually stay away from medical targets and mash units. So why target such safe havens of humanity? It’s actually pretty simple.

The Hacker Marketplace

There exists a black market for which the stealing of credit card and personal information is in great demand. A hacker who gets a hold of an individual’s credit card number earns $1 for that financial record. But a hacker who steals an Electronic Health Record (EHR) earns $50 per record. The reason? Credit card companies and banks can quickly shut down a compromised credit card, while an EHR has a much longer shelf-life. Not only that, it contains much more sensitive information than just financial data, spiking its value within the hacker marketplace.

Ransomware on the Rise

Ransomware is the act of hackers infiltrating a hospital’s network, encrypting the data so that it is unusable to the medical staff, and then contacting the hospital with their demands. This desire most often manifests as hundreds of million dollars in exchange for the decryption key to decrypt the data back to its normal state. This is happening in hospitals all over the nation at alarming rates, and in most cases, hospitals pay the ransom to get their data back (or risk losing many more millions waiting for the crime to be solved) and then contact authorities after the fact.

How Do Hackers Break into Networks?

The most common way that hackers break in is with phishing attempts (fake emails impersonating a real company or individual). Once inside the network, these nefarious actors deposit “malware” which goes to work gathering the sensitive information in stealth mode – undetectable by traditional, reactive, methods of network security. Just as prevention habits are important in the health care industry, preventing malware and other attacks is perhaps the most critical step to secure a hospital’s network perimeter.

How Can Hospitals Protect Themselves?

There are four ways that hospitals can protect themselves from ransomware and malware attacks.

• Continuous Backup. If a hospital runs a backup of their data continuously and a hacker breaks in and encrypts its main database, the hospital can simply restore the encrypted database with a backup (provided the backup has not also been hacked and encrypted.)
• Encrypt their own data. This is beating ransomware attackers at their own game. Rather than be a sitting duck, hospitals can proactively encrypt their own data, making it useless to attackers on the black market. However, if the hackers get access to a PC or user account that has access to the contents of the database, such as an administrator or a doctor, then the hackers could still get to the records.
• Educate employees. Many hackers get in through phishing emails – a legitimate looking email that contains a link that installs the malware. An uneducated employee would innocently click on the link without knowing it is a phishing scam. Instead, instruct all employees to hover over the link with their mouse, to see where it’s really going before clicking on it.
• Install security appliances that are able to diligently monitor all network traffic, capture it in real-time, perform analysis, and alert security and network professionals when or if a breach is detected. The biggest benefit will be from security appliances that can also provide such in-depth visibility that you can actually stop the hackers from getting into the network in the first place.

Securing the Network is Key

As you can see, there is no fool proof way of circumventing this problem. What we have to do is to stop the hackers from getting into the network in the first place. Of the four methods above, number 4 is perhaps equally important and often ignored in practice because of a lack of understanding of all the ways that hackers get to the medical records. While backing up and encrypting data are useful proactive steps, a good hacker will still find their way around. Just as a virus evolves to render a medicine useless, cyber threats are constantly changing in order to find new ways around these known barriers.

Similarly, educating workers against phishing scams is a sure-fire way to reduce your susceptibility to these threats, but research has shown that this does not necessarily work in practice. Even after education, studies have shown that over 66% of people who just left the course on exactly this topic went back to their computers and clicked on test phishing links sent by the educators!

There needs to be a way to monitor the entire perimeter of the network with 100% visibility into what is going on within it. If you think about securing the famous Mona Lisa painting, for example, you wouldn’t have one or two cameras in place, you would have detection beams from all angles, alarms on every door, window or other access point, and a real-time monitoring system that not only sees all and knows all, but records the information for later playback and alerts you when something is amiss. This lets you and your system act in real-time to stop threats before they cost you tremendously.

New Jersey based company NIKSUN, Inc., does the same for your network. Protecting network data since 1997, the company recognizes the unique challenges of healthcare facilities, helping them to monitor, detect, and thwart malicious attacks that can cost hospitals millions – not only in dollars but in reputation. NIKSUN’s latest line of products have been rated five-out-of-five stars in cyber-forensics tests and are currently deployed to protect the US Department of Defense’s most critical systems, in addition to thousands of other networks.

“Not only are ransomware and data breaches serious threats, but compliance mandates such as HIPAA and protecting patient privacy are equally critical,” said Dr. Parag Pruthi, Founder and CEO of NIKSUN. “It is not only a mandate by federal and state regulations that is important for hospitals but also a moral obligation to protect individuals from greater harm while visiting a place of healing and sanctuary.”

NIKSUN offers healthcare facilities a complimentary and fully confidential evaluation of their “cyber threat network security assessment.” The evaluation is provided by a NIKSUN team of experts that checks access points and flow of network data, providing reports on any weaknesses and vulnerabilities found. Even if a healthcare facility chooses not to deploy NIKSUN for cyber threat security, the report is theirs to keep. For a free evaluation, contact NIKSUN.