It’s not that long since hospitals and other healthcare settings ran on paper, with documents physically stored on site.
While the move towards storing information on computers has revolutionised the way data is managed in the sector, it has also brought with it significant new risks. For example, at the time of publication, data had still not been fully restored months after a major cyberattack on the Irish healthcare service in May 2021 that saw patient records sold on the dark web.
“Today, everything is interconnected, from x-rays to medical records,” says Danny Jenkins, CEO and co-founder of ThreatLocker. “Until about five years ago, nobody really cared about hacking a hospital but all that changed, as cyber criminals realised that they could make a lot of money going after healthcare companies and clinics.” This shift in focus was driven by the realisation that healthcare settings are rich sites of patient data and that many organisations are willing to pay to unlock systems hackers have encrypted.
Ironically, the recent growth in privacy legislation has made things worse in this regard, explains Jenkins, as organisations are not able to store as much patient data in backups as they previously could. “They may choose to pay to get back because it is too slow to restore from back up.” Hospitals and clinics are also easy places to get into – both to access public-facing computers, and to target large numbers of non-technical staff.
Protecting data under these conditions sounds like an impossible task. The solution, says Jenkins, is a ‘zero trust’ approach. “You need to implement security controls that prevent users from stepping out of their lane. This means ringfencing and whitelisting what’s needed and blocking everything else. The only way to block malware is to block everything by default and implement strict storage control policies.”
The average hospital or healthcare organisation does not have the dedicated IT resources to manage this type of system and that’s where ThreatLocker steps in. Jenkins says the system takes only three to four hours a month to manage, compared to alternative systems which may require dedicated teams of up to five people.
Threatlocker is integrated with Active Directory in the Windows operating system. “We track all of Microsoft’s products for updates, so when whitelisting you don’t have to worry about those applications being blocked,” says Jenkins.
He concludes: “We hope more companies will implement good security controls. They make it far less cost-effective for criminals to keep attacking you because it’s too much hard work and so it’s bad business for them.”
This article was originally published in the Winter 21/22 issue of Technology Record. To get future issues delivered directly to your inbox, sign up for a free subscription.