In recent months, cyberattacks have hit hospitals at alarming rates.
In the first six months of 2017, healthcare organizations disclosed 233 breaches to HHS, which affected more than 1.2 million patient records. At this rate, 2017 is on track to count more hospital data breaches than 2016, which saw one breach per day.
And the attacks are growing larger.
After the WannaCry ransomware struck health systems and other organizations around the globe in May, Petya, a malware variant mimicking ransomware, compromised data at a number of hospitals in late June.
Now only time will tell what the next big cyberattack will be.
Here are 11 cybersecurity terms healthcare executives should know, compiled with the help of the National Institute of Standards and Technology’s Glossary of Key Information Security Terms.
1. Cybersecurity refers to the processes, technologies and practices which protect an IT system, or more specifically data in electronic form, against damaging threats from cyberspace. Those threats may involve stealing data or unauthorized use — like damage, modification or destruction — of an information system.
2. Information security — also commonly referred to as data security — is defined as protecting any information contained in any system, computerized or hard copy, from unauthorized access, use, disclosure, disruption, modification or destruction. Its goal is to provide confidentiality (preserving authorized restrictions on access to information and information systems), integrity (ensuring data has not been improperly accessed or replicated and remains authentic) and availability (guaranteeing timely and reliable access to and use of information). Together these three concerns are typically referred to as CIA, or the CIA triad.
3. A vulnerability is a specific weakness in an information system which opens the system up to a threat. These weaknesses could include design flaws, gaps in security procedures or broken internal controls. Computer and network personnel should maintain system updates and security patches to avoid and remedy vulnerabilities.
4. A patch is an update to an operating system, application or software that directly addresses and corrects a particular vulnerability. Patches often improve system usability or performance.
5. The word breach covers many types of cybersecurity compromises, but it differs from a cyberattack in that it is more specific and implies less malicious intent; in other words, the data was likely exposed by mistake, negligence or another unintentional cause.
6. On the other hand, a cyberattack, or hack, refers to compromises caused by people with malicious intent.
7. Malware is short for malicious software. It describes any software intended to damage a computer system through intrusive, malicious code that performs unauthorized functions or processes to compromise the operations of a system.
8. Ransomware is a type of malware that limits or prevents a user’s access to their system. The malicious software may either lock the computer’s screen or the user’s files — often through encryption — until a ransom is paid, typically in a cryptocurrency such as bitcoin. Like other types of malware, ransomware can be spread through email attachments, infected software, infected external storage devices or compromised websites, although a growing number of ransomware attacks have entered through exposed remote desktop protocol (RDP) connections. Its motive is almost always monetary.
9. While encryption refers to the use of an algorithm to convert plaintext into ciphertext — data scrambled to the point it becomes unreadable without the key — for security or privacy, end-to-end encryption is the practice of encrypting data at the sender so that it remains encrypted at every intermediate hop across the network and is only decrypted by the intended recipient. Even with end-to-end encryption, routing information — the message’s origin and destination — remains visible to the systems that carry it.
10. A firewall describes a program or part of a computer system that controls the flow of network traffic, specifically blocking unauthorized access. Different firewalls enforce different security postures and follow different sets of security rules about which traffic is allowed through.
11. Penetration testing is a method of testing an information system’s cybersecurity strength. During the test, security assessors attempt to defeat the system’s security features as a real-world attacker would. These tests often employ real attacks, applying the same tools and techniques that attackers use, under an agreed scope.