There’s been a lot of buzz lately around a spike in cyber attacks, especially targeted at hospitals. The sad truth is that the healthcare industry is a favorite target of cyber criminals. Over 90% of all healthcare organizations have experienced a breach, 57% have experienced more than five, and attacks have surged 300% since the beginning of 2020 and the COVID-19 crisis.
Meanwhile, Internet of Things (IoT) and smart medical devices are gaining in prevalence in hospitals and other clinical settings. While all these devices offer convenience and expedite medical services, their network connections are often unknown, unmonitored, and uncontrolled. This translates into a feasting ground for hackers who have no qualms exploiting the innumerable opportunities clinical networks present.
The best way to protect any network is by segmenting it. Unsegmented networks present hostile parties with a large attack surface that can be difficult to manage and protect.
Network segmentation divides a network into multiple parts, fragmenting each segment from the larger network. It can be achieved with firewalls, VLANs, and other network security tools. Segmentation also prevents unauthorized user access and malicious attacks by containing attacker activity to the segment infected.
The main reason for failing to apply segmentation to clinical networks is the amount of time and effort required to correctly split a network into segments without disrupting clinical services.
Clinical networks are more difficult to protect than standard networks. Medical devices have unique behaviors and communications patterns that are required for normal functionality. Traditional IT tools don’t have the ability to recognize medical devices, nor do they have the ability to contextualize device risk according to medical impact or clinical criticality.
To complicate matters, when an attacker gains access to a clinical network, the repercussions go beyond data theft, business integrity, and fiscal fallout. Attackers can access device function (medication delivery, surgical procedures, patients’ vital readings), impede the network, and disrupt medical care, posing an immediate physical threat to patients’ lives.