Healthcare and aged care organisations are attractive and relatively easy targets for cybercriminals, creating an urgent need for these organisations to protect themselves, their staff members, and their patients and clients. Visibility and control of all devices connected to the network, patching outdated systems, and segmentation of the network itself are three ways these businesses can protect themselves in a time when attacks are accelerating.
COVID-19 has put pressure on the healthcare system, leading to rapid digital technology adoption to maintain continuity and productivity. According to Forescout’s recent report, The Enterprise of Things Security Report, this reliance on new technologies and increased connectivity has resulted in an increase in the number and severity of vulnerabilities in medical devices and cyberattacks on hospitals.[1] These devices are critical and must be effectively secured. In many organisations, a significant number of out-of-date devices are connected to the corporate network, creating vulnerabilities that cybercriminals can exploit. These devices include personal laptops, tablets, and smartphones, which aren’t held to the same standard of security checks as corporate-owned devices and might have already been compromised before they joined the network. Most organisations have limited, if any, visibility into these devices, and can’t manage them centrally to ensure they’re patched to protect against the latest exploits.
On the positive side for the aged care sector, COVID-19 has forced digitalisation to accelerate, moving the industry closer towards the new era of aged care, known as Aged Care 2.0. The long-term benefits of Aged Care 2.0 will be significant; however, in the short term, it’s crucial to address security issues so organisations can reap these benefits safely.
For example, while cloud adoption increases the visibility and control of connected devices, it can also increase the attack surface, giving cybercriminals a gateway to exploit vulnerabilities. Additionally, many aged care facilities rely on multiple siloed systems that each deliver certain functions of care, as well as a combination of cloud and legacy operating systems (OS). This complexity, along with the mission-critical nature of these devices, means health and aged care organisations don’t tend to have time to apply updates and patches. Updating the OS can plug security gaps but, when that doesn’t happen, out-of-date devices can sit unmonitored on corporate networks, creating a risk of old vulnerabilities being exploited.
Medical devices running legacy OS and firmware require costly updates that can potentially incur downtime that isn’t acceptable for critical-care systems. And some legacy applications simply aren’t compatible with more recent versions of an OS and must be run as-is, using additional controls to provide security.
Full visibility and centralised control of all devices on a network is a key way that organisations can protect themselves right now. Protection and prevention can only come from having a holistic view of all connected devices, what OS they are running, and what they are doing on the network.
To achieve this, healthcare and aged care organisations must monitor corporate networks using tools that detect anomalies which could disrupt operations and endanger patients. Additionally, connected networks and devices must be segmented appropriately to protect access to critical information and services.
By segmenting the network, healthcare facilities can reduce their risk in four ways:
1. Improved security: isolating network traffic to prevent access between network segments.
2. Better access control: only allowing users to access specific network resources.
3. Better containment: reducing the impact of a compromise to a smaller area.
4. Identifying suspicious behaviour: preventing future attacks by logging events and monitoring internal connections to detect suspicious behaviour.
The disruption caused by COVID-19 has accelerated the movement towards Aged Care 2.0, as Australian healthcare and aged care providers seek the visibility and flexibility needed to manage future disruptions. They need to implement tools that provide full visibility and control of the network, let them centrally manage the latest updates and patches to neutralise vulnerabilities, and segment the network to mitigate risk. Organisations that do this successfully will be able to move into the new, digital era with confidence.
This guest post has been written by Steve Hunter, senior director, systems engineering, Asia Pacific and Japan, Forescout.