Rethinking Healthcare’s Cyber Defence Strategy

Cyber attacks on healthcare organisations skyrocketed in 2020, with the surge showing no signs of abatement, as opportunistic criminals looked for ways to exploit the Covid-19 crisis.

Threats from nation states and criminals to healthcare organisations continue to be a growing concern. The huge logistical challenge of rolling out vaccines faces the risk of disruption to complex supply chains. And criminal ransomware poses a threat at a time when the pandemic has increased our reliance on technology.

This is a trend that we are seeing at ITC Secure, and it is mirrored in the National Cyber Security Centre’s 2020 Annual Review, which highlights an upward trend in ransomware incidents of more than three times in comparison to previous years.

It is a serious issue. In the short term, ransomware can cost organisations millions of pounds, and potentially an even greater loss over the long term, impacting reputation and reliability. From top healthcare providers right through the supply chain, ransomware attackers are proving to be a continuing cyber security threat.

Target rich and vulnerable

Throughout 2020, NHS Digital published a number of cyber alerts, releasing at least one a month, detailing different types of ransomware and showing just how prevalent the attack vector is. 

Ransomware is as close to a perfect business model for cyber criminals as you can get. It has a very low barrier to entry, there is limited competition, it requires a low level of investment but results in high gain, and there is very little risk of getting caught.

When you combine these elements with the speed at which ransomware can be executed, in addition to the other cyber security vulnerabilities that are plaguing the healthcare industry, there is no reason to believe that cyber criminals will ever back down.

There has also been a significant change in the way ransomware attacks are carried out. Rather than simply preventing access to data, criminals are stealing it and threatening to leak the most sensitive parts publicly. Additionally, attacks perpetrated directly on medical devices can lead to a loss of confidence in the confidentiality, integrity and availability of data used by clinicians to form the diagnoses of patients, ultimately threatening patient safety.

As healthcare services and providers continue to battle with the pressures of Covid-19, budget limitations and safeguarding against opportunistic adversaries, we need to do everything we can to protect those at the forefront of the pandemic so they can focus on their mission of saving lives.

So, how can we help?

Collective Defence

Defence in depth has always been the cornerstone of cyber security. At ITC Secure, we demonstrate this through our range of managed security services and cyber advisory offerings. In partnership with IronNet, we have updated the rule book by adding the concept of Collective Defence. 

No business is an island. No business benefits from having a competitor compromised; rather, it is our industries as a whole that suffer. By sharing cyber security intelligence, including data and incident information, just a few organisations can help entire industries become more secure.

Threat actors have long been collaborating with each other on the best attack vectors for specific industries and organisations, so as defenders we too should work together and protect our industries collectively.

Together with IronNet, we have established a framework to enable members to leverage each other’s expertise, anonymously share previously unclassified threat behavioural analytics and collaborate to identify threats early in the kill chain, quickly triage and rapidly remediate. We see this as the answer to strengthening the cyber immunity of our vital yet vulnerable healthcare industry.

The UK Healthcare Dome: the future of cyber defence

The creation of the UK’s first Healthcare Dome is part of our vision to protect an already strained industry from further injury.

The Dome has been built using the first automated cyber Collective Defence solution to deliver threat knowledge and intelligence across the healthcare industry at machine-speed. Businesses that join the Dome, healthcare facilities and providers across the UK, will be able to collaborate with one another to multiply their defences and stay ahead of evolving threats, such as ransomware, through real-time threat sharing.

In cyber security, time and visibility are two of the most powerful tools when it comes to defending against adversaries. The UK Healthcare Dome provides both, delivering real-time visibility of cyber threats targeting supply chains, industries, and regions, whilst also sharing real-time detections, triage outcomes, and threat indicators with other members of the Dome. When suspicious behaviours are identified, the Dome triggers an automated and proactive warning to all members at machine-speed so they can prioritise the necessary defences to take against the cyber threat.

Through the UK Healthcare Dome, members are able to save time and resources by defending collectively and are empowered with the means to prioritise business goals and focus on their bottom line.
