With healthcare systems around the globe overburdened by the pandemic, hospitals and other healthcare organizations became prime targets for cybercrime.
This threat grew in tandem with the coronavirus through 2020. The CISA, FBI and HHSa issued a Joint Cybersecurity Advisory in late October, warning of an increased and imminent risk of ransomware attacks to US hospitals and healthcare providers.
Unfortunately, they were right to sound the alarm. Cybersecurity company Check Point Software reported in January that in the final two months of 2020, there had been a 45% increase in attacks targeting healthcare organizations globally—more than double the overall increase in cyberattacks across all industry sectors worldwide.
Canadian healthcare in particular was under assault. Organizations in that country experienced the most dramatic increase of any in the world, with a 250% spike in attacks.
Healthcare in the crosshairs
To date, the ransomware attacks largely use the Ryuk variant, specifically tailored and targeted for healthcare organizations. According to Check Point Research:
“Unlike most ransomware which is distributed via massive spam campaigns and Exploit Kits, Ryuk is used exclusively for tailored attacks. Its encryption scheme is intentionally built for small-scale operations, such that only crucial assets and resources are infected in each targeted network and distribution is carried out manually. The malware encrypts files stored on PCs, storage servers and data centers.”
Hospitals are getting hit because they’re likely to be more willing to pay ransom right now. With the pandemic straining the healthcare system, they can’t let an IT disruption prevent them from providing care.
The healthcare sector is also more vulnerable due to its rapid adoption of new temporary locations, processes and personnel—organizations have a challenge training everyone.
But Sumit Bhatia, director of communications and knowledge mobilization with Toronto-based Cybersecure Catalyst has noted that many healthcare systems run on legacy technology that make them less capable of stopping sophisticated attacks.
Protecting virtual healthcare systems
For healthcare organizations offering virtual care services, security is a top priority. Early in the pandemic, as patients requested remote appointments, health practitioners were rightly reluctant to introduce consultations over traditional video-calling platforms due to privacy concerns.
Instead, organizations have to find ways to securely integrate telemedicine platforms with existing proprietary systems that hold data, test results, and patient information.
The latest wave of ransomware attacks makes clear that healthcare organizations need to remain on guard. As Bhatia noted, “Right now we’ve just adopted [technology systems] for the model of efficiency, not for models of security. We are focused on delivering care, not necessarily delving into cybersecurity issues.”
It’s vital that as demand for telemedicine grows, healthcare organizations must develop risk-informed cyber strategies that include performing comprehensive risk assessments to determine if a virtual care platform poses any additional security exposure.
Secure by design
One of VidyoHealth’s fundamental advantages has always been security, both on-premise and in the cloud. As such, VidyoHealth is a HIPAA compliant solution.
VidyoHealth maintains an information security governance policy designed to protect the confidentiality and integrity of information.
The built-in security measures range from user authentication/login and segregated management to encryption for passwords, signaling and media.
Specific security features include:
- SRTP media encryption
- FIPS 140-2 certified libraries
- Secure HTTPS login utilizing industry-standard PKI
- TLS using strong encryption ciphers for signaling
- Password hashing in database
- Encrypted token technology for session security
- No login information retained on the client
You can find complete details about the extensive measures taken in the Vidyo security white paper.