Holidays May Pose Higher Cyber Security Threat to Health Care Providers

Taking advantage of reduced staffing, cyber criminals may time their attacks to coincide with holiday periods, suggesting that physicians and other personnel at health care institutions should make sure their information technology (IT) team is on alert during the Christmas and New Year’s holidays.

On Thanksgiving Day, November 23, Nashville-based Ardent Health Services and its affiliated entities (Ardent) became aware of a ransomware attack. It affected 30 hospitals across the country. This attack forced the diversion of ambulances to emergency departments at other hospitals and the rescheduling of elective surgeries. Ardent’s IT team immediately began working to understand the event, safeguard data, and regain functionality. Ardent proactively took its network offline, suspending all user access to its information technology applications, including corporate servers, Epic software, internet and clinical programs.

On December 6, Ardent successfully restored functionality to certain clinical and business systems, including Epic, an electronic medical records platform, the company said. Ardent reported this event to law enforcement and retained third-party forensic and threat intelligence advisors.

Vanderbilt University Medical Center (VUMC), which operates 7 hospitals and other facilities across Nashville, Tennessee, was also attacked on Thanksgiving Day. VUMC reported a cybersecurity incident that resulted in unauthorized access to a database serving an extensive health care system that provides medical services to more than 3 million patients annually and employs around 40,000 staff members.

Health Care Is a Prime Target

“Because of the high value of PHI [protected health information], access to clinical research, and the desire to acquire controlled substances, health care remains one of the most targeted industries by threat actors,” said Ryan Witt, vice president for Industry Solutions at Proofpoint in Sunnyvale, California. “Furthermore, health care, like many industries, has struggled to hire an adequate number of cybersecurity professionals.”

The demand for these workers is high, and the ability of health care entities to pay a competitive salary has been a challenge. Moreover, he said health care is heavily regulated, with laws like HIPAA imposing strict data security and privacy requirements. “This complex regulatory environment sometimes requires cybersecurity professionals in health care to have specialized knowledge, which can be a barrier to entry for some candidates,” Witt said. “Cyber criminals understand these staffing challenges and may view the holiday season as an optimal opportunity to strike.”

AI Used to Prevent Cyberattacks

Cyberattacks and data breaches can cripple organizations, not only financially, but in safely delivering patient care. With the rise of AI tools like ChatGPT, there is increased interest in how health care organizations can integrate this technology to prevent phishing, malware, and other malicious activities. For example, IBM Security provides AI-powered solutions that optimize risk analysts’ time. The system reportedly can accelerate threat detection, expedite responses, and protect user identity and datasets. AI-powered risk analysis can produce incident summaries for high-fidelity alerts and automate incident responses. IBM Security touts its AI system as a new way to accelerate alert investigations and triage by an average of 55%.

The technology is specifically designed to balance user access needs and security. AI models can analyze the risk of each login attempt and verify users through behavioral data, simplifying access for verified users and reducing the cost of fraud by up to 90%, according to IBM Security.

“AI may be able to better discriminate from our traditional rules-based approach. I think we are going to see a lot of AI applications in cyber security,” said Christopher A. Longhurst, MD, chief medical officer and chief digital officer for UC San Diego Health in California and executive director for the Jacobs Center for Health Innovation. He recently testified before Congress on issues related to AI in health care, including cybersecurity.

Dr Longhurst is part of a team implementing innovative digital solutions that help improve the patient experience. “I think physicians take privacy and security very seriously, so staying up to date is important,” he said. “These new AI tools hold great promise for liberating physicians from keyboards and allowing them much more time with patients.”

While the Thanksgiving cyberattacks were notable, there are no historical data suggesting that the Christmas and New Year’s holidays are a high-risk period, he said. “It is not always true that holidays pose a heightened risk,” Dr Longhurst said.

Holidays aside, data from Proofpoint’s study Cyber Insecurity in Healthcare 2023 confirm that health care is one of the most attacked industries. Health care organizations are particularly vulnerable to business email compromise, spoofing, and phishing, so they should invest in preventive technologies, Witt said.

But to thwart attacks, health care organizations need to look beyond technology and focus on the people being targeted. “They are your best and last line of defense. Security awareness training should also be part of the security layer,” Witt said.

