Healthcare Cybersecurity Market Research

Ruth Stanat

SIS International Market Research & Strategy

A Very Different Kind of Virus

A brief overview of the ongoing battle to block cyber intrusions in the healthcare sector.

In addition to subversive hacking in the business world, where private information can be compromised and sensitive company data absconded with, cybersecurity measures are now employed to negate the effects of hacking by foreign entities, used as a political weapon. It is an increasingly serious global problem, and one that has necessitated the implementation of advanced cybersecurity methodologies to counteract the increasingly sophisticated capabilities of hackers to subvert these very systems.

“In recent years, cybersecurity has been a growing concern in healthcare, with high-profile cyber-attacks and vulnerabilities causing disruptions for insurers, hospitals, and medical device makers. The stakes for patients are high too as patient data could be lost or tampered with, hospital services interrupted, or patients harmed through attacks targeting specific devices …” 1

Government Intervention to Combat Cybercrime

The rapid digitization of the healthcare industry makes this sector particularly vulnerable to cyber attack, and this fact has not been lost on the US Congress. The House Energy and Commerce Committee recently convened to address cybersecurity in the health sector. Information Sharing and Analysis Centers (ISACs) may be key in providing enhanced security for healthcare providers and in thwarting the efforts of would-be cyber attackers.

Through the interactive efforts of the 24 organizations that comprise the National Council of ISACs (NCI), great efforts are being made to “maximize information flow across the private sector critical infrastructures and with government. Critical infrastructure sectors and subsectors that do not have ISACs are invited to contact the NCI to learn how they can participate in NCI activities.”2

It is, of course, a Herculean undertaking to strengthen the partnership between public and private entities in healthcare with regard to cybersecurity, considering the myriad industries and agencies of government that are responsible for regulating and delivering said healthcare. Congress has been encouraged to provide tax breaks and other incentives to prompt companies to get involved with the ongoing effort of ISACs.

Low Participation Hinders Cybersecurity Implementation

Unfortunately, poor participation rates among healthcare facilities have been a persistent problem in the ongoing efforts to implement effective cybersecurity measures across the sector. According to Terry Rice, vice president of IT risk management and chief information security officer at Merck, “companies may be hesitant to share information within an ISAC if they fear the information will not remain confidential to its members.”3

“I think the most shocking statistic was really the fact that 40% of the individuals at the top of an organization – executives like CEOs and CIOs, and even board members – didn’t feel personally responsible for cybersecurity or protecting the customer data.” Dave Damato, Chief Security Officer at Tanium, on CNBC’s Squawk Box, discussing cybersecurity in the healthcare industry 13

The High Cost of Cybercrime in Healthcare


Aside from the obvious threat of compromised patient information and other incidents of data theft, failures of cybersecurity are incredibly expensive, to the tune of $6.2 billion annually, according to a 2016 research project conducted by the Ponemon Institute. Their findings revealed that “nearly 90 percent of the healthcare organizations … had endured a data breach during the previous two years. Forty-five percent had more than five data breaches in that period, with the average cost of a cyber attack totaling $2.2 million. The data contained in electronic health records (EHRs) is often cited as the reason healthcare is such an attractive target in the eyes of a hacker.” 4

As secure as people like to believe their health information is in the possession of their doctor’s office or hospital, that is often not the case. The ongoing digitization of health records has been an expensive proposition for the healthcare industry. Securing all that information is another monumental expense, and this part of the cybersecurity equation has sometimes been neglected in the interest of cost savings, or simply because of the large-scale nature of the overall endeavor.

The Lucrative Nature of Cyber Theft in Healthcare

Of course, health records are a hot commodity on the black market, and they can fetch top dollar from parties seeking to obtain personal information, billing addresses, and credit card numbers. Hacking can be a very lucrative enterprise, indeed. Consider this example: “Hackers made off with more than 2.2 million patient records from Fort Myers, Florida-based 21st Century Oncology in March of 2016. A month later, someone stole a laptop with 205,748 unsecured patient records on it from Premier Healthcare, LLC.” 5

The Emergence of Ransomware

Ransomware is a new word for most people, who are familiar with the recent WannaCry attack that took place around the world, crippling critical infrastructure systems and demanding hefty ransoms from victims gripped by anxiety and the prospect of data loss. The healthcare industry is especially vulnerable to ransomware attacks.

“Hospitals are the perfect target for this kind of extortion because they provide critical care and rely on up-to-date information from patient records. Without quick access to drug histories, surgery directives and other information, patient care can be delayed or halted, which makes hospitals more likely to pay a ransom rather than risk delays that could result in death and lawsuits.” 6

Ransomware, in effect, locks up a computer and makes its data inaccessible unless a ransom is paid to the perpetrator. Usually, this payment is made in the form of Bitcoin. In most instances, a time limit is set for the ransom to be paid, after which the computer’s data will be destroyed. Though most stricken parties don’t pay the ransom, enough do to make it a particularly lucrative criminal enterprise.

The healthcare industry has been vulnerable to ransomware attacks because, surprisingly, many hospitals have taken inadequate steps to prevent cybersecurity breaches. Instead, most hospitals have focused their primary concern on meeting HIPAA compliance and federal guidelines for ensuring the security of patient information. Ultimately, most employees in healthcare are simply not trained well enough to recognize and thwart cyber attacks before they occur. Even when adequate training and cybersecurity measures are in place, it is a continuous challenge to outwit perpetrators who constantly remain one step ahead of the game.

IoT Devices Are Also at Risk

To add a layer of seriousness to the present situation, cyber attacks can affect not only computers, but the devices connected to them as well. Medical tools and heart and glucose monitors are but a few examples of devices vulnerable to cyber attack. Vice-President Dick Cheney famously demanded that his pacemaker be made safe from cyber attack, lest those with ill intent manipulate the function of his device remotely. Quite frankly, interference with such devices can be deadly for the patients who depend on them to live.

Take medical hacking as an example: “In one attack currently in use, the attacker injects malware into a medical device, which then spreads across the network. Medical data discovered in such attacks can be used for tax fraud or identity theft, or even to track prescriptions for active drugs, allowing hackers to order medication online and then sell it on the dark web.” 7

“No patients have, as far as I know, been killed due to a hacked pacemaker, but patients have been killed due to malfunction[s] of their medical devices, configuration errors, and software bugs. This means that security research in the form of pre-emptive hacking, followed by coordinated vulnerability disclosure and vendor fixes, can help save human lives.” Marie Moe, security researcher at SINTEF, in “Go Ahead, Hackers. Break My Heart” (Wired) 13

The US Federal Communications Commission now recommends that IoT vendors of medical devices build security measures into the products they manufacture; recommends is the key word. In practice, establishing mandatory security measures and requirements for these manufacturers is a time-consuming undertaking. In addition, the networks used to relay data between devices and databases are in urgent need of cybersecurity implementation and monitoring.

New President, New Order

There was much speculation as to how the Trump administration would address issues of cybersecurity. On May 11, 2017, the president signed an executive order that mandated a review of the nation’s overall ability to combat criminal cyber activity. The order places the brunt of responsibility for cybersecurity on federal agencies, which were to conduct risk assessments and turn in their respective reports within 90 days. Additional reports examining critical infrastructure risks were due six months after the president’s order was issued.

“The order calls for a review of the threat posed by botnets, which target websites with automatically generated junk traffic. The Mirai botnet caused severe internet outages last year. But Access Now says the order should also address the government’s vulnerability disclosure process and its response to data breaches.”

No single preventative measure can eliminate the risk of cyber attacks. Rather, hospitals, clinics, and private practices can only hope to work together and manage the continuous risks in the interest of protecting the private information and the general safety of their patients. Concurrently, continuous technological advancements will hopefully address the vulnerability of medical devices and computer networks.

Efforts to contain the potentially catastrophic effects of cybercrime on the healthcare industry and beyond extend well past the United States. A global effort is currently under way to stem the worldwide wave of cyber attacks, or at least to minimize the impact of cybercriminals who break into medical systems, wreak havoc, extort, and stop at nothing.

Political Motivations for Cyber Attacks


With the hostile political climate that exists between North Korea and virtually every other country in the civilized world, it is not surprising that the rogue nation has been cited as a probable offender in the recent WannaCry ransomware attacks, and in other ill-willed endeavors undertaken for political reasons and for the purposes of financial extortion.

“Cybersecurity researchers have found some technical clues that they said could link North Korea to the global ‘WannaCry’ ransomware cyber attack … which infected more than 300,000 machines in 150 countries. Symantec and Kaspersky Lab said … some code in an earlier version of the WannaCry software also appeared in programs used by the Lazarus Group, which researchers at many companies have identified as a North Korea-run hacking operation.” 10

Not all experts believe the WannaCry ransomware attack was financially motivated. Some, such as Matthew Hickey of the British cyber consultancy Hacker House, believe the attackers simply wanted to “cause as much damage as possible.” This was certainly the case in the countries hit hardest by the attack, including India, Taiwan, Ukraine and Russia.

Some, such as Russian leader Vladimir Putin, have blamed the US National Security Agency for playing a major role in the WannaCry ransomware attack. The WannaCry technique is believed to be “based on a leaked tool that exploited a security vulnerability in Windows and which appeared to originate from the NSA.” Speaking in Beijing, Putin said: “We are fully aware that if these genies are let out, especially genies created by secret services, they may harm their own authors and creators,” as reported by Russian state news agency TASS. 11

“This next president is going to inherit the most sophisticated and persistent cyber espionage cultures the world has ever seen. He needs to surround himself with experts that can expedite the allocation of potent layers of next-generation defenses around our targeted critical infrastructure silos.” James Scott, Senior Fellow, Institute for Critical Infrastructure Technology 14

Trends in Combating Cyber Intrusions in the Health Sector

Obviously, the threat of cybersecurity breaches across all sectors of business and industry will not abate. In healthcare, there will be an ongoing and incessant need to improve technology and overall vigilance to avoid disastrous incidents in the future. Certain protective trends are emerging that might be seen as the future of cybercrime deterrence in healthcare.

At the top of the list is an increasing migration to cloud-based information security tools. This move “will allow the tools to be updated more dynamically to address zero-day type malware. This move to the cloud should ultimately make it more economical to make these tools available to all healthcare providers – large and small.” 12

In addition, the healthcare industry will be forced to encourage increased information sharing and collaboration across health networks and between facilities. This mutual cybersecurity effort will be difficult to instigate as health institutions are often quite insular by nature. It is predicted that this sharing of information will reach beyond healthcare to include many sectors of business and institutional endeavors to minimize risks for all involved.

Ultimately, the effort to negate the dangers of cybersecurity breaches, ransomware, and new and emerging threats in this arena will come down to education and awareness at all employee levels in healthcare and beyond. When everyone is well educated, able to recognize the warning signs of cyber risks, and aware of what they can do to be part of an overarching effort to stem the tide of cyber incursion, the healthcare industry and all protectors of civilized information sharing around the globe will continue to make meaningful strides toward limiting the damaging effects of cybercrime in all sectors.

AI-Driven Website Security: WP Safe Zone for Healthcare

In the healthcare sector, where sensitive patient data is a prime target for cyberattacks, robust website security is critical. The rise of AI in cybersecurity is providing powerful solutions to combat these threats. One standout example is the WP Safe Zone plugin, tailored for WordPress websites.

WP Safe Zone utilizes artificial intelligence to protect websites from malware, brute force attacks, and unauthorized access. Its AI algorithms constantly monitor and adapt to emerging threats, ensuring real-time protection for healthcare organizations’ online platforms.

As cyber risks in healthcare continue to grow, tools like WP Safe Zone demonstrate how AI can safeguard critical systems, ensuring both data security and compliance with strict regulations.

We Can Help You Achieve Cybersecurity

SIS International Research has engaged with the healthcare industry on many levels for decades, from independent family practices to multi-tiered integrated health networks. We have an unmatched and unique understanding of the challenges facing healthcare businesses and institutions. We provide research and intelligence on stakeholders

Our solutions include:

Today, with cybercrime against our most respected medical institutions and the patients they serve on the rise and threats growing ever more sophisticated, we take our role with the utmost seriousness. As a company that prides itself on understanding the importance and many facets of the healthcare industry, we will continue to provide healthcare-related practices, facilities and organizations with the high-quality, comprehensive research capabilities our clients expect and demand. In this way, we hope to do our part to help the medical community understand and combat the very real and serious threat of cyber attacks on the healthcare industry.

The following resources were used in preparing this study:

  • http://www.raps.org/Regulatory-Focus/News/2017/04/04/27267/Cybersecurity-House-Committee-Looks-to-Build-on-Public-Private-Partnerships/#sthash.x4Xvdf6q.dpuf
  • https://www.nationalisacs.org/
  • http://www.raps.org/Regulatory-Focus/News/2017/04/04/27267/Cybersecurity-House-Committee-Looks-to-Build-on-Public-Private-Partnerships/#sthash.x4Xvdf6q.dpuf
  • https://learningnetwork.cisco.com/blogs/talking-tech-with-cisco/2017/03/21/cybersecurity-and-healthcare-a-forecast-for-2017
  • https://learningnetwork.cisco.com/blogs/talking-tech-with-cisco/2017/03/21/cybersecurity-and-healthcare-a-forecast-for-2017
  • https://www.wired.com/2016/03/ransomware-why-hospitals-are-the-perfect-targets/
  • https://www.wired.com/2017/03/medical-devices-next-security-nightmare/
  • https://techcrunch.com/2017/05/11/trump-signs-long-delayed-executive-order-on-cybersecurity/
  • http://www.healthcareitnews.com/news/top-10-cybersecurity-must-haves-2017
  • http://www.dingit.tv/highlight/1441974?utm_source=Embedded&utm_medium=Embedded&utm_campaign=Embedded
  • www.healthcareitnews.com/blog/3-trends-shaping-future-cybersecurity
  • https://www.forbes.com/sites/danmunro/2016/12/18/top-ten-healthcare-quotes-for-2016/#5f47fb6b127f
  • http://www.goodreads.com/quotes/tag/cyber-security


Ruth Stanat

Founder and CEO of SIS International Research & Strategy. With more than 40 years of expertise in strategic planning and global market intelligence, she is a trusted global leader in helping organizations achieve international success.
