SolarWinds Breach: What Healthcare Organizations Need to Know

Cynerio
Dec 23, 2020

The biggest cyber attack in history

This breach affects every industry and pretty much all major companies. It has affected and infected around 18,000 companies and organizations, including:

  • The US government: the US Treasury; the departments of Justice, Commerce, State, Energy, and Homeland Security; and the NSA, CDC, and NIH. The breach is so big and the implications so severe that CISA issued an Emergency Directive urging all federal agencies to shut down any system running SolarWinds products immediately.
  • High-profile companies, including the majority of Fortune 500 companies: Microsoft, Intel, Visa, Ford, Blue Cross Blue Shield, Belkin, Lockheed Martin, Best Western Hotels, Time Warner, CBS

Even top-tier IT security products have been compromised

Big names like Cisco and FireEye (which discovered the breach) are affected. If your existing security infrastructure includes any of these products, or if you host or use products from any of SolarWinds’ list of affected clients, your networks and devices could be compromised.

The outlook may seem grim, but we’re here to help

Our first priority is making sure your medical devices are secure and that your healthcare facility doesn’t suffer any lapse in operational continuity. Our goal is to keep your clinical workflows flowing so you can rest assured that your patients are safe.

How we’re helping hospitals like yours combat this threat

  1. We’ll help you determine if you’ve actually been affected by this breach and how severe the damage is. As SolarWinds releases more information on affected products, we’ll work with you and the relevant vendors to identify every affected device across your networks.
  2. We’ll constantly monitor your network activity and automate mapping critical devices on your network.
  3. We’ll help you set up a preemptive and proactive healthcare-safe Zero Trust cybersecurity infrastructure that hardens your network against known and unknown threats by setting up policies that only allow access to entities on an individual basis, including third parties and vendors.

More details on healthcare-safe Zero Trust cybersecurity infrastructure

After we identify every device and determine if they’re affected, we locate and flag them. Cynerio uses Impact Modeling to prioritize risk according to medical impact, ensuring mission-critical devices remain secure and functional.

On top of Impact Modeling, we also use Mitigation Modeling to determine the optimal path to mitigating threats, from the organizational level down to the device level, with step-by-step plans that enable you to:

  • Quickly and safely configure and enforce healthcare-safe Zero Trust North-South and East-West segmentation policies to limit access to the network and lateral movement in the case of any compromised devices
  • Continue using mission-critical devices with our Quarantine capability
  • Micromanage risks on specific ports with our Service Hardening capability, which configures access rules according to every communication’s source and destination IP/ports (e.g. for TELNET, FTP, REXEC, and SSH)
  • Manage all vendor and third-party connections with our Vendor Access Management capability to give you full visibility and control into who’s connecting to what devices, for what services, and when

If you have any questions or concerns, please don’t hesitate to contact us immediately.

