Recent Threats Highlight the Importance of Cybersecurity in Healthcare

Daniel dos Santos | October 29, 2020
Early on October 28, we got to know that personal and medical details – including names, social security numbers, and diagnostics images – of more than 3 million U.S. patients are available online, unprotected and accessible to anyone who knows how to search for it.
Later that same day, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) issued a joint cybersecurity advisory about “Ransomware Activity Targeting the Healthcare and Public Health Sector”. The advisory details techniques used by malicious actors to infect healthcare systems with a specific ransomware strain – the Ryuk malware – and to exfiltrate data, both presumably for financial gains. More worryingly, the advisory describes not only attacks that could happen, but attacks that are taking place right now and whose imminent escalation is probable.
All of this is happening in the middle of a pandemic that puts huge pressure on healthcare staff. This pressure is what led us at Forescout Research Labs to release (coincidentally at the same day as the events discussed above) a new research report that highlights the risks that allow incidents like these to happen and the recommendations to protect organizations from these threats.
The risks we identified and the mitigations we recommended are in line with CISA/FBI/HHS’s:
For more information on this research and the specific risk areas facing healthcare organizations that could leave them vulnerable to ransomware and other attacks, please download the full report.
Toll-Free (US): 1-866-377-8771
Tel (Intl): +1-408-213-3191
Support: +1-708-237-6591
Headquarters
190 W Tasman Dr.
San Jose, CA, USA 95134