HIT Think: Why network protection needs to evolve to keep pace with new attacks

By Adam Stern | HealthData Management

It’s no longer news that hacking is the new normal.

There’s nothing alarmist about acknowledging that ransomware and Distributed Denial of Service (DDoS) attacks are becoming more acute, especially in healthcare. As ZDNet recently noted, a report from cybersecurity researchers at Kaspersky Lab revealed 2,900 new ransomware malware modifications between January and March 2016, a 14 percent jump from the fourth quarter.

As reported in Health Data Management, the fourth annual IT security study by the Ponemon Institute shows that “data breach preparedness certainly is on companies’ radar, and having a response plan in place is par for the course.” While the number of organizations with a plan increased from 61 percent in 2013 to 86 percent in 2016, some 38 percent have no set time period for reviewing and updating [their plan], and 29 percent have not reviewed or updated their plan since it was put in place.”

Last summer, a cyberattack against the New Jersey Spine Center exposed some patients’ medical, demographic and account information, credit card numbers and Social Security numbers, as well as the encryption of the center’s electronic patient records, telephone system and most recent data backup. The provider, which offered one year of identity protection services to affected individuals, paid the ransom demanded by hackers to recover access to its information systems.

Given the rising threat of malevolent actors subjecting healthcare organizations and others to ransom demands and the sheer frequency of DDoS incidents, enterprises need to up the ante in terms of how they regard security, and how they anticipate and respond to the risk of business interruption online, especially where medical and/or financial data is concerned.

Files emailed or otherwise conveyed to healthcare providers from virtually any source “present risks, and hackers continue to target organizations, particularly with ransomware,” writes Kacy Zurkus, security specialist for IDG’s CSO, contemplating the potential peril from hacks and malware.

“It’s no secret that this year has been deemed the year of ransomware, and for every bitcoin criminals are earning, there’s a newly evolved version making its way through your files.” In other words, in a data-rich, HIPAA-sensitive world, there’s no such thing as being too vigilant.

Part of the problem, she observes, is that few organizations speak IT, so it should come as no surprise that healthcare is often a prime target for hackers. With data the lifeblood of every healthcare organization—via patient records, personnel files, insurance systems and the like—malicious actors scouting for a payday have drawn a bead on the industry.

The latest perpetrator in this case is the massive volumetric attack. These types of attacks represent something new and especially troubling, and no single firewall can stop them. According to industry analysts, volumetric attacks rank as the most common type of DDoS incident, accounting for an estimated 65 percent of the total reported.

What makes these volumetric attacks special? Consider that a front-line hosting company typically supports multiple 1 gig per second interfaces to the Internet. When someone begins a volumetric attack, they’re likely to send 800 gigs per second through a pipe that simply can’t accept anywhere near that much data.

As the security environment changes, so should every healthcare organization’s response to that environment. And here’s the encouraging news: the IT community is beginning to respond effectively. Cloud hosting providers in increasing numbers are implementing DDoS attack protection for their clients, across the board.

New, state of the art volumetric attack protection provides real-time DDoS mitigation through automatic analysis of DDoS alerts and deployment of routing commands to ensure that immediate action is taken when legitimate DDoS attacks are detected—all without any human intervention. Volumetric attack protection is precisely the kind of proactive step that providers need to take on behalf of healthcare providers and the medical community, and that users need to demand.

Read in HealthData Management