How IT Teams Can Protect Health Care Data

 
 
By Karen A. Frenkel  |  Posted 06-24-2015 Email
 
 
 
 
 
 
 
 
 
  • Previous
    How IT Teams Can Protect Health Care Data
    Next

    How IT Teams Can Protect Health Care Data

    By Karen A. Frenkel
  • Previous
    The Rise of MEDJACKs: Medical Device Hijacks
    Next

    The Rise of MEDJACKs: Medical Device Hijacks

    Medical devices have become key pivotal points within health care networks for cyber-attackers. They are the hardest area to remediate even when attacker compromises are identified.
  • Previous
    Devices and Electronic Medical Records Connected
    Next

    Devices and Electronic Medical Records Connected

    Because medical devices and electronic medical records are being deployed quickly across doctors' practices and hospitals due to government incentives, this community has connected the most vulnerable devices with the highest valued data.
  • Previous
    Types of Compromised Equipment
    Next

    Types of Compromised Equipment

    X-ray machines, picture archives and communication systems and blood gas analyzers are vulnerable.
  • Previous
    Critical Care Units Used for Analysis
    Next

    Critical Care Units Used for Analysis

    The report found that Nova Biomedical and its Critical Care Express units contain Zeus and Citadel malware. Hackers used the devices, which were several years old, to find passwords within the hospital. TrapX studied these devices to understand and illustrate MEDJACK.
  • Previous
    Recommendations
    Next

    Recommendations

    The report suggests 13 ways to safeguard medical devices and data, including that medical institutions rapidly integrate and deploy software and hardware fixes provided by medical device manufacturers and have senior management and QA teams track them.
  • Previous
    Protections and Quarterly Reviews
    Next

    Protections and Quarterly Reviews

    Procure medical devices only after reviewing with the manufacturer their cyber-security processes and protections. Review these quarterly.
  • Previous
    Review and Remediate Devices Now
    Next

    Review and Remediate Devices Now

    Many devices are probably already infected and creating unknown risks to institutions and patients, so review and remediate them now.
  • Previous
    Medical Device End-of-Life Strategy
    Next

    Medical Device End-of-Life Strategy

    Many medical devices have been in service for years and should be retired, especially if they have no strategy against malware.
  • Previous
    Update Your Medical Equipment
    Next

    Update Your Medical Equipment

    Although updating support and maintenance that specifically address malware remediation may increase expenses, it is necessary and prudent. Manufacturers should offer documented test processes to determine whether devices are infected and standard process to remediate them.
  • Previous
    Prepare for HIPAA Violations
    Next

    Prepare for HIPAA Violations

    You may find exfiltration of patient data. Compliance and IT must work together to document such incidents, and provide notice and follow-up in accordance with the law.
 

Hackers have placed malicious software on critical medical devices and can remotely access them, rendering health care institutions vulnerable to a perfect storm of attacks, according to a new report. Cyber-attackers are attracted to medical devices because they contain health care data and insurance credentials, which the black market values 20 times more than credit cards. The report, "Anatomy of an Attack: Medical Device Hijack (MEDJACK)," was prepared by cyber-security defense firm TrapX Security. It explains how attackers can rapidly penetrate medical devices and establish backdoors to gain access to the rest of a health care institution's data. Drawing on data from three cases of ongoing attacks, the report recommends that hospitals review contracts with medical device suppliers to address the detection, remediation and refurbishment of medical devices infected by malware. It also offers recommendations. TrapX Vice President Moshe Ben Simon said, "Hospitals must have a documented test process to determine if their devices have become infected, and suppliers must have a documented standard process for remediating and rebuilding devices when they are exploited by cyber-attackers."

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login Register