Report: 2 years post Wannacry attack, how is the healthcare sector\'s cyber-security?

More than two years after the infamous Wannacry ransomware crippled medical facilities and other organisations worldwide, the healthcare sector seems to be learning their lessons, according to a Kaspersky report.

Medical organisations have witnessed only 19 per cent of attacks in 2019, which is significantly lower than 28 per cent of last year, and the 30 per cent attacks that occurred on them in 2017.

However, while the overall statistics look reassuring, more than seven-in-10 medical machines in Venezuela (77 per cent), the Philippines (76 per cent), Libya (75), and Argentina (73 per cent) are still being subjected to web attacks based on the company’s freshest data. Two more countries in the Asia Pacific region were in the Top 15 nations with the most number of detected infections. These include Bangladesh logging 58 per cent of attacked devices and Thailand with 44 per cent.

The numbers were derived after Kaspersky researchers divided the number of devices in medical organisations in the countries with Kaspersky solutions by the number of devices where malicious codes were detected. Medical devices include all servers, computers, mobiles and tablets, IoT gadgets, and hospital machines that are connected to the internet inside a healthcare facility.

Operating System statistics

In terms of the loopholes cybercriminals use to infect hospitals and medical facilities, that outdated Microsoft office accounts to 59 per cent of all exploit attacks in 2019. It is followed by EternalBlue (32 per cent), which is related to Wannacry, as well as Android devices (2 per cent) which are gaining increased access in medical networks.

Human failing

A Kaspersky survey in healthcare sector in US and Canada uncovered that nearly a third of all respondents (32 per cent) said that they had never received any cybersecurity training from their workplace. There is also one-in-10 employees in management positions which admitted that they were not aware of a cybersecurity policy in their organisations.

Acknowledging the serious threat cybercriminals can do against healthcare, Kaspersky suggests medical facilities to:

• Take cybersecurity seriously.
  • Cyberattack in this field should be addressed professionally as it is now a potential risk to someone’s life.
  • All individuals inside a hospital, a clinic, or a medical infrastructure should fully understand the latest cyberthreats and commit to beefing up their workforce, systems, and tools to combat these malicious attacks.
  • Services with threat data feeds and threat intelligence reports can help the healthcare sector understand and prevent potential cyberattacks.
• Verify the security capabilities of your third party suppliers.
  • Medical machines are usually costly and with warranties as long as 10 years. Makers of such healthcare devices should look into building a secure-by-design hardware which is ready for future vulnerabilities.
  • Vendors should also look at forming an incident response team in case of cyberattacks.
• Review access servers.
  • Hospitals and medical facilities are becoming more and more reliant to the internet, hence it is a must to check who has access to which servers and data.
  • Hospital is a public place. An ex-employee can do a lot damage, thus, removal of ex-employee credentials from systems should be taken care of.
• IT security regulation is a must.
  • Similar to the financial sector, relevant public and private should start drafting laws and regulations which aim to address the escalating threats against the healthcare sector.
• Security awareness training for all employees in clinics, hospitals, and other related facilities is more than necessary.