By Marie Le Pargneux, CDO, TEHTRIS
Health facilities traditionally bring us support in both the most challenging and happiest times in our lives. Today, they are the ones that need help, as cyber-attackers take advantage of the current situation to use computer systems’ vulnerabilities as part of their criminal activities.
Ransomware is one of the worst cyber-attacks out there. Thousands of new ransomware strains are released on the Internet every single day. Once a ransomware takes hold, it can deal severe blows to healthcare institutions, causing entire hospitals to shut down until they pay a hefty amount, sometimes worth up to a million dollars – and it’s not just about money. Attacks on healthcare systems can lock down computers containing electronic medical and health records, preventing doctors from accessing critical information such as their patients’ medical background, recommended drug dosage, etc. Some hackers even threaten to publish such information online if they don’t get paid, leading to a serious violation of medical confidentiality. Some hospitals under attack even have to turn away new patients that are in dire condition due to the COVID-19.
Medical equipment hacking also poses a severe hazard to healthcare institutions as modernization of medical devices has come along with more vulnerabilities. Medical equipment such as insulin pumps or wireless systems in patients’ operating rooms can be compromised, causing them to malfunction and result in patient fatality.
Tips for Simple Preventive Cyber-Actions
The biggest challenge is to mitigate the risk associated with your work-from-home employees. Here are a few simple tips how:
– Educate and inform your employees about threats and good practices. Create a series of educational emails and remind them how to detect and deal with suspicious emails;
– Label emails from the outside, for example add/ by adding [EXTERNAL] in the subject line;
– Require your staff to enable all Cloud security configurations and features or run a vulnerability assessment as prescribed by your cybersecurity services provider;
– Make Multifactor Authentication mandatory for all your cloud services with constant monitoring;
– Make full disk encryption mandatory on all remote PCs to protect the data they contain;
– Ensure your employees’ DNS settings include a solution that checks the reputation of visited websites;
– If you need to enable remote access into internal systems, always do so through a VPN. Never enable Windows RDP access directly from the firewall;
– Require your stay-at-home workers to use a separate Wi-Fi network and stay away from public Wi-Fi;
– Do not forget your mobile fleet. This is all about security scans on these devices, especially if you have Android, and also through specific options and policies above your MDM infrastructure;
– If not already done, deploy internal barriers for containment between sensitive zones. This allows blocking of lateral movements from spies and worms with ransomwares payloads.
What more can you do?
As part of a partnership with OVH Cloud (Europe’s largest hosting service provider), TEHTRIS joined the #Open_solidarity initiative, committing to provide all healthcare facilities worldwide (including nursing homes) with free cyberprotection – TEHTRIS XDR Platform, TEHTRIS EDR agents (Endpoint Detection and Response) as well as related SOC services – for the duration of the COVID-19 outbreak and for at least three months.
TEHTRIS EDR protects servers and workstations by automatically detecting and neutralizing advanced or unknown threats in real time on each device where it is deployed. Thanks to its learning system, heuristic technologies, sandboxes, Artificial Intelligence, knowledge databases, tactical SIEM, it neutralizes and quarantines all malicious attacks. TEHTRIS EDR can be easily and quickly deployed to all types of Windows, Linux and macOS endpoints.
Through this commitment to healthcare facilities, TEHTRIS wishes to play a part in the global fight against COVID-19 in the most effective way, by helping health facilities worldwide to focus on what matters the most: saving lives and overcome this unprecedented situation.
At TEHTRIS, we firmly believe that in these troubled times, cybersecurity can rhyme with solidarity.
About the Author
Marie Le Pargneux joined TEHTRIS as Chief Development Officer (CDO). She graduated with an Executive Master from the Ecole Polytechnique and has a PhD in Management Sciences. Marie worked for more than 10 years with executives on business models as well as organizational, managerial and technological transformation issues.
Her goal at TEHTRIS is to help find the best cyber defense solution for every type of organization. Accompanying the growth of TEHTRIS, Marie’s role in the development of the business is also contributing to cyberpeace in the world and job creation. Marie can be reached online at firstname.lastname@example.org and on our company website https://tehtris.com/