rajib christian cybersecurity

The real threat to healthcare in 2020!

Today 10 Democrat candidates are seeking the nomination for President in 2020 all have a Healthcare plan for America. 

How cybercrime is causing a increase in healthcare cost!

NO PLAN IS SAFE FROM CYBERCRIME!

The Republican President claims to have his own, and there is a current one known as “The Affordable Care Act (Obama Care ). They all feel that their plan safeguards America ‘s health from the constant rise of cost and treatment.  

Since 2012 the highest amount of data breaches have occurred in the healthcare industry, and 2018, there were 15 million patient records stolen as a part of data breaches. (1) 

As an example, in 2019, a ransomware attack resulted in 48,000 patients’ records were taken in Omaha, Nebraska hospital systems that tripled the communities’need for significant hospitals support . Ransomware encrypted the data all PHI (patient health records ) information that forced a ransom payment.

  This was part of an attack by two Iranian men that resulted in a 30 million dollar loss that effected locations all over America. (see US Department of Justice document at https://www.justice.gov/opa/pr/two-iranian-men-indicted-deploying-ransomware-extort-hospitals-municipalities-and-public. ) (2)

The why question!

There are several ideas regarding the reasons why healthcare is a constant target and why they cannot protect themselves from attacks. These attacks and data breaches are a part of the reason why healthcare is expensive, and the hacking of the system serves as a means to obtain PCI and PHI information that can be used on the “Dark Web.

 The connection on the Dark Web serves as a place to sell data but also a place to communicate with criminals that have malware programs, hosting systems, and company information.    

PRINCIPLE MEANS OF THE HACK. 

The EHR application (electronic health record ) is an application that connects to a web server is one of the primary targets of cybercriminals used to gain access to PCI and PHI information. The exploit vectors is through malicious websites, phishing, spearphishing, ransomware, and BEC attacks. 

PCI and PII data sells on the dark web and allows the cybercriminal to use this information to create fraudulent claims for prescriptions to make health records and able to create insurance fraud payment requests and tax returns. 

The loss from this theft serves to expand premiums and cost to medical hospitals and small clinics and offices. 

In many hospital systems, there is a limited amount of funding provided for cyber crimes and the related lost like ransomware or a data breach related to malware, but in many cases, it fails to cover loss of PCI or PII information. 

  IoT and IIOT devices. 

IoT (Internet of Things .)in healthcare systems are multiple devices, but the primary is printers, wifi, monitors, security cameras, and pumps. 

IIOT devices are defined as using IOT’S in the industrial sector. 

The IIOT makes use of a machine to machine communications to leverage the use of x-ray, robotics, and software-defined applications.

IIOT intersects with the IT (industrial technology ), and the OT (operation technology) these connections make use of (SCADA ) supervisory control, and data acquisition, (DCS ) distributed control systems and (PLC ) programmable logic controls. 

All of these systems are capable of being hacked from malicious sites, phishing, and BEC attacks. 

Compliance vs. Security. 

HIPAA is the regulatory system that sets the standards for devices; however, only 72% of the providers have fully met these standards.    

The effective cost of cyber attacks on healthcare IIOT devices. 

 In June 2018, 276,067 individuals lost their data, in April 2019, HIPAA fined M.D. Anderson 4.3 million dollars for failing to encrypt all of its computer systems. Healthcare systems have a problem locating all of the devices that are on the network. And this contributes to their vulnerability. (4)

The “Blackhole.”

The FBI and DHSA have a policy of never paying the ransom for ransomware, and the reasons have been that the encryption key may fail, and your healthcare system remains a target. 

The hackers have created a new method with ransomware that is known as “disruptionware” this malware is designed to suspend the operation in the organizations’ availability, integrity, and confidentiality of the system. 

The real-time results are a: halting of the normal manufacturing process damaged reputation and extortion.  

Cybercriminals can now leverage healthcare systems with this new malware and attack the hospital by encrypting all of the files, using a DOS or DDOS, to damage network connections by tunneling and controlling access.  

Devices like Xrays, MRI, cameras, pumps, and mobile recording systems serve as a vector to allow for IIOT devices to gain the advantage. 

The six primary parts of distructionware

Ransomware -This malware encrypts all of the files on the system by a targeted email or a malicious website. 

Wiper malware – removes the data from the hard drive on a PC or a server.

Bricking – This misconfigures the hardware or firmware on the systems or servers.

Electronic components – Installs botnets that attack the email and network traffic.

Data exfiltration -Steal employee data and sensitive data . 

Network recon tools – install of RAT trojans, keyloggers, and spread malware to critical assets. 

How can the threats to healthcare systems be improved to decrease the rise in cost due to cybercrime attacks?

  1. You are fully training all staff to know what measures to take if you have suspect emails.
  2. Patch all operating systems, software, firmware. 
  3. Ensure antivirus and antimalware over the network, devices, servers, and smartphones are updated and fully installed.
  4. Consistently review and update all administrative access to data.
  5. Develop and process to manage the system groups involved in a phishing and potential compromise issues.

Conclusion :

Between 2009 and 2018, 2,546 Healthcare data breaches have affected 59% of the U.S. population.
The two most significant attacks were against healthcare plans Anthem (78,800.00 ) and Blue Cross (11,000.00). In many cases, the breach is at a healthcare system that has no insurance for hacking attacks or limited coverage for ransomware. (https://cybersecurityforum.com )

The HIPAA regulations are being upgraded in 2019, and there are new medical IIOT systems used to treat patients and detect disease. But many are connected to legacy operating systems that are open to malware and ransomware attacks.
All of these costs directly are felt by the people who need healthcare and services provided by the hospital.
The factor for fines from HIPAA has increased due to failure to encrypt laptops,printers, and monitoring devices because of the large volume of systems on the network.
The is a hope to resolve this problem. It is called cybersecurity Hygiene (https://cybersecurityforum .com ), which is a plan to clean and maintain upkeep on devices and reduce the chance of the spread of malware and access by cybercriminals.

Footnotes.

1# http://www.healthitsecurity.com

2# http://www.trendmico.com 10/2/2019. 

3#www.armis.com 

4#www.healthitsecurity.com 10/10/2019. 

5#www.healthinfosecurity.com 04/11/2019.

6#www.healthitsecurity.com 10/07/2019.

7# the rise of Disruptionware, http://www.forescout.com 

8#https://www.cisa.gov/national-risk-management

9#https://www.fbi.gov/investigate/cyber

  •