Health and IT security

Health and IT security

December 12, 2020 Off By admin

From the beginning of the year to the containment period since March, health facilities have become one of the prime targets of hackers.

Examples are legion and it does not go a month without the health facility of any hospital or laboratory being the victim of a computer attack at the attempted intrusion. The need to increase the protection capacity of health service networks has become a priority today.

This article will also interest you: In the midst of the coronavirus pandemic crisis, a Czech hospital is the victim of a computer attack

A year ago it was already felt that safety at the health facility level was not really the best and even worse, it was felt to be at an alarming level. The year ended with the violation and disclosure or theft of data that belonged to nearly 16 professional miles in the health sector. Data that consists of both passwords and other login credentials or personal information. Unfortunately, all these problems were amplified in 2020. And the reasons for this are none other than what everyone already has an idea: the coronavirus pandemic and its direct consequences such as the massive adoption of telework.

In view of all this, it was observed that IT infrastructure for almost all industries was clearly vulnerable, particularly in terms of health.

"The year 2020 will have amplified these concerns, as the COVID-19 pandemic has revealed the true vulnerability of health infrastructure. Health facilities initially had to deal with the medical and financial consequences of the pandemic. And secondly, the security risks inherent in the home work model and the increasingly sophisticated attacks of cybercriminals seeking to exploit these vulnerabilities. explains Martyn Crew, Director of Solutions Marketing at Gigamon.

The coronavirus pandemic is a boon for cybercrime. Hackers have made every effort to be able to make the most of the fallout from this situation. Through various forms of attack such as phishing, they have not stopped collecting data necessary for them to implement the cyber-mallet strategy. The fear of individuals in the face of the disease has unfortunately made them vulnerable.

"Cybercriminals and malicious actors quickly found a way to take advantage of the COVID-19 pandemic through phishing attacks. They exploited the fears of patients and health care workers who, as soon as telework became widespread, accessed the majority of corporate networks via their smartphones and personal computers secured from their home networks. Martyn Crew says.

From there the security problem started. The Mirai, Botnet attacks exploited the various vulnerabilities offered by computer networks and systems. The health sector has been particularly targeted at all research institutions in the CoVid-19 vaccine. Dropper-type attacks have also boomed with ransomware.

Faced with the situation, health facilities decided to take appropriate measures and to improve their safety. However, computer attacks persist. Unfortunately, some even reach their goal. A few months ago, a German patient died after a computer attack on the health facility in which he was interned.

In addition, it is clear that the protection measures deployed by health organizations are struggling to meet the need. And even beyond health organizations, companies too are affected by the ineffectiveness of their protection in certain senses. Martyn Crew explains: "Many companies have made secure computers using detection and response (BD) solutions available to telecommuting employees. They have also made the use of virtual private networks (VPNs) mandatory, but this does not entirely solve the security problem. These solutions protect the user and the network from future attacks. But if network infiltration has already occurred, attacks in the form of advanced persistent threats (TPAs) can remain dormant for weeks, months, even years, on a network that seems secure. ».

As a result, we are inevitably moving towards a new model of cybersecurity. Experts talk about the Zero Trust security architecture. An organization that meets the needs of remote collaboration and the relationship between health professionals and patients.

Now access an unlimited number of passwords:

Check out our hacking software