“Attacks on healthcare jumped by 45% between October 2020 and January 2021.” The claim comes from Mihoko Matsubara, Chief Security Strategist at NTT writing in the March 2021 NTT GTIC Monthly Threat Report. This is more than cybercriminals seeking to install ransomware. They have also targeted any part of the healthcare system that is involved in COVID vaccine research and even shipping. In November 2020, a ransomware attack against Americold, a company shipping the vaccine, caused the company to suspend its business operations.
The problem for healthcare, on a global basis, is that it is traditionally underfunded and an easy target. Computers are left in public places making them an easy target for attackers posing as patients or even other healthcare workers. The interconnected nature of healthcare also works against it by allowing attacks against smaller facilities to easily propagate. This is what happened to the UK NHS when WannaCry hit it.
Matsubara highlights the lack of cybersecurity maturity in healthcare. She said: “Our 2020 Global Threat Intelligence Report found that the healthcare industry scored only 1.12 in terms of cybersecurity maturity level while the financial industry showed a maturity of 1.86 points. Furthermore, the pandemic has made it challenging for healthcare institutions to continue to invest in cybersecurity due to the increasing safety budgets for patients and medical staff.”
The question is, what can be done about it? Matsubara says there is a silver lining for healthcare. Organisations such as the COVID-19 Cyber Threat Coalition and CTI League are offering help to healthcare institutions. NTT also offered free cybersecurity consulting for healthcare at the height of the pandemic. But none of this is a long-term fix. There is a need for a complete review of cybersecurity across the sector.
In ‘Zero’ we trust
Also in the March GTIC report, Danika Blessman, Senior Threat Intelligence Analyst, Global Threat Intelligence Center, US, NTT writes about Zero Trust. The idea of ZT has been around for several years now but, like any framework, it is not an overnight fix.
There are three pillars to a ZT framework, according to Blessman. They are:
- Enforcing policy-based control.
- Providing greater visibility across the network environment.
- Using detailed security logs to assist in detecting anomalies in the network.
The elements for each of these are likely to already be in use inside organisations. The challenge is how to bring them together to do a better job than is done today. It is a non-trivial task, especially as areas such as privileged access control and security policies are often poorly implemented.
Blessman goes on to say: “Integrating a Z framework will go a long way in removing some of the guesswork in protecting your organization’s network and infrastructure and allow for resiliency in network defense – a better way to address unprecedented and unanticipated threats to your network.”
But is a ZT framework enough? Not according to Blessman. She points out that it is just part of a wider Secure by Design strategy that companies should be working towards.
Enterprise Times: What does this mean?
In addition to Zero Trust and problems with healthcare cybersecurity, this months GTIC report also takes a look at critical national security. The latter, like healthcare, has seen a significant increase in attacks over 2020.
The challenge for all organisations is how to better secure their environments. Calling out two at-risk sectors makes sense as both impacts on everyone. Highlighting Zero Trust as part of a secure by design approach is also important, especially as it plays to the wider NTT Ltd cybersecurity story.
