As if the logistical mayhem springing out of the COVID-19 crisis weren’t enough, cyber attacks against hospitals are skyrocketing right now.
Since March 2020, hackers have launched attacks against the HHS in the US, have blasted a ton of ransomware and phishing attacks, impersonated the WHO, and completely shut down a COVID-19 testing facility in the Czech Republic.
As John Riggi, the American Hospital Association’s (AHA) senior adviser for cybersecurity and risk, put it: “Worst-case scenario, life-saving medical devices may be rendered inoperable.”
Cyber infections spread a lot like biological ones. Where biological viruses like COVID-19 or the common cold spread from person to person, cyber infections can spread from one connected medical device to another.
Cyber attacks can target life-saving devices used to treat critical COVID-19 patients like IV pumps and ventilators. They can also target diagnostic lab equipment like IVD (in vitro diagnostics) devices.
Here's how it could happen:
If even one connected device at your hospital gets infected, it could spread and force a hospital-wide shutdown. Obviously, this isn’t an option.
Just like the best way to limit the spread of disease among people is to practice social distancing, the best way to protect your clinical network and medical devices is to separate them from each other. This separation is called segmentation.
Think of healthcare network segmentation as social distancing for medical devices.
Segmenting clinical networks to prevent the spread of infection is more complicated than social distancing is for people. Hospital segmentation policies have to account for dynamic medical environments, plus the risks of cutting off certain device communications:
If you want to segment your clinical network safely, all of this has to be taken into account. The best way to do this is by using a healthcare IoT cybersecurity solution.
Safely segmenting clinical networks depends on getting a clear picture of your clinical network. Cybersecurity solutions developed specially for health care come with tools that give hospitals a bird’s-eye view into device communications, plus insights into IoMT devices that traditional IT technologies don’t:
Healthcare IoT security tools give hospitals a picture of medical devices’ internal and external communications instantly, even if they’re being migrated to different servers, plus a profile of devices’ risk impact within your hospital’s unique clinical environment.
Safe segmentation policies can’t be built without these insights. And without segmentation, hospitals are just as vulnerable to cyber attacks as people are to pathogens.
Now, with cyber attacks spiking in the midst of the COVID-19 Coronavirus pandemic, it’s more important than ever to protect ourselves by practicing social distancing and to protect our hospitals with safe segmentation policies.
To learn more about safely and effectively combating cyber attacks on hospitals during pandemics or on any regular day, read Cynerio's white paper, Network Segmentation for Hospitals: Challenges and Technology Solutions.
Cynerio is the world's premier medical-first IoT cybersecurity solution. We view cybersecurity as a standard part of patient care and provide healthcare delivery organizations with the insight and tools they need to secure clinical ecosystems and achieve long-term, scalable threat remediation without disrupting operations or the delivery of care.