Rick Vanover, Senior Director of Product Strategy and Sandeep Bhambure, VP and MD, India & SAARC, Veeam Software outline how digital healthcare has led to a data explosion making it prone to new and sophisticated cyber threats and recommend measures to implement a sound data protection strategy
The ongoing public health emergency has fundamentally transformed the way societies and economies across the globe operate today. Healthcare systems have been stretched and their adequate preparedness tested to cope with the overwhelming demand for critical patient care. Digital transformation is revolutionising the healthcare industry, by opening new opportunities for innovation and introducing digital delivery of critical services. However, an increase in the delivery of digital healthcare is also leading to a data explosion that is becoming prone to new and sophisticated cyber threats.
Indian healthcare is the largest sector today in terms of both revenue and employment. The sector is expected to grow three-fold to Rs 8.6 trillion ($ 133.44 billion) by 2022 and the Government of India is planning to increase public health spending to 2.5 per cent of the country’s GDP by 2025, as per IBEF’s latest Indian healthcare Industry report.
As a result of this growth, the sector is witnessing a surge in on-demand services, thereby putting immense pressure on the healthcare system. Documenting every relevant information digitally has become crucial for medical institutions in order to minimise risks. With all the healthcare records like medical insurance, diagnostic reports, and hospital data going digital Indian healthcare is witnessing a massive proliferation of data, putting a spotlight on data protection, management and availability.
Add COVID to this prevailing trend and public health systems have begun to show cracks. The need to automate, innovate and find new ways to deliver healthcare in order to relieve this growing pressure has becomes more urgent than ever before. The pandemic further elevates the critical role of data today, as authorities and providers demand seamless, real-time access to data for rapid response to crises and coordinated collaboration across Hong Kong India. Growing use of e-health records is now also empowering citizens to take control of their health, but the increased flow of health data undoubtedly raises risks.
As our systems continue to evolve, it is crucial that our data security strategy advances at the same speed. This means ensuring watertight protection of healthcare data against one of the most common forms of cyberattack, ransomware. Data collected on patients, healthcare institutions, universities with clinical trials and R&D data may be highly personal or sensitive and ultimately highly valuable. This data is attractive to a potential hacker because they understand the impact a data breach could have on an individual or an institution’s reputation, and so therefore see a better chance of obtaining a ransom for their crime.
By taking proactive as opposed to reactive precautions, this face-off might never be necessary. IT teams within healthcare institutions and related organisations should consider a data protection strategy on a foundation of education, implementation, and remediation to be impermeable from the word go.
Understanding the risks
The journey of understanding starts after the threat actors are identified. Remote desktop protocol (RDP) or other remote access tools, phish and software updates are the three main mechanisms for entry. Knowing this could help your institution focus its investment strategically, enabling maximum resilience against ransomware from an attack vector perspective.
Most IT administrators use RDP for their daily work for remote access, with many RDP servers still directly connected on the Internet. As a result, over half of ransomware attacks currently use RDP as an entry pathway. Those threats not accessing via RDP, may instead choose phish mail as their method of choice. If you are ever unsure if you have received a phish email, there are two popular tools that can help assess the risk to your organisation. These are Gophish and KnowBe4. It is also essential to keep in mind the need to update critical categories of IT assets such as operating systems, applications, databases and device firmware. Extend this thorough approach to data centres, too, as they can be just as susceptible to attack as the data housed on-site.
Implementation
When it comes to a ransomware attack, its resiliency hinges on how the backup solution is implemented, the behavior of the threat and the course of remediation. As an important part of ransomware resiliency, implementation of backup infrastructure is a critical step.
Backup repositories are an essential storage resource when it comes to ransomware resiliency, so it is recommended that access to those within the organisation is not permitted. Insiders having the permissions to access this data could lead to potential leaks outside of the organisation, so it is recommended that these responsibilities are managed by a third party, where possible.
Remediation
Despite ensuring your institution is educated around the threats of ransomware and implements the correct techniques accordingly, you should always be prepared to remediate a threat where necessary.
If you do suffer an attack, your next steps to remediating ransomware are:
- Do not pay the ransom.
- The only option is to restore data.
One of the hardest parts of recovering from a hack is decision authority. Make sure you have a clear protocol in place that establishes who will make the call to restore or to fail over your data in the event of a disaster. Within these business discussions, agree on a list of security, incident response and identity management contacts that you can call on if needed. When a breach happens, time is of the essence, so you will thank yourself for having prepared in advance.
Much like you would invest in insurance for your home, you should consider backup an investment in the same vein. It is something you hope never to need, but if the worst happens, your organisation is protected, and your staff and patients’ data is safe. By properly educating your colleagues on the risks, implementing the appropriate infrastructure and having the appropriate remediation protocols in place, you will not only increase your resiliency against a ransomware attacks but also avoid data loss, financial costs or reputation damage to your organisation.
In the backdrop of the pandemic, ransomware attacks are exploiting vulnerabilities with digital delivery of healthcare services. The cost due to ransomware attacks on healthcare systems are exponentially growing due to extensive downtime that cause obstacles in critical patient care. Healthcare organisations should adopt a holistic approach like prevention methods, adopting tools and invest in modern technology solutions like cloud data management and data protection platforms to prevent ransomware attacks.
The stakes are very high for the healthcare industry to emerge as a powerhouse to cope with the present public health crisis. However, the spotlight is on the IT teams to provide always-on access to patients and healthcare staff on every device with no tolerance for downtime and data management across on premise or cloud environments.