The global healthcare industry has been subject to a variety of cyberattacks as it deals with the COVID-19 pandemic, explained Dr. Seyedmostafa Safavi, CEO of cybersecurity advisory services at Protech Future System and Associate Fellow at the Center for Cyber Security of the National University of Malaysia (UKM). He believes that stepping up global cooperation could help reduce the risks. Besides, artificial intelligence is increasingly being viewed as essential in order to win the battle against cyberattacks.
Cyber attacks are frequent and the healthcare sector is increasingly subject to hacking. While many hackers had promised a respite for hospitals during the COVID-19 pandemic, a woman died on September 18 during ransomware in the University Hospital of Düsseldorf in Germany. According to prosecutors, the patient died from delayed treatment after hackers penetrated the hospital’s computers. It is the first fatality from a ransomware attack.
In the US, a ransomware attack has struck the digital equipment of a major hospital chain, Universal Health Services on Sunday, September 28. All the hospital’s computers suddenly shut off, patients’ medical files were lost and many of those patients had to be rerouted to other facilities.
These unfortunate events remind us that cyberattacks, especially in the healthcare sector, are a matter of life and death. And despite this pandemic situation, the industry remains vulnerable, explained Dr. Seyedmostafa Safavi, CEO of cybersecurity advisory services at Protech Future System.
Why did the COVID-19 pandemic increase the number of cyberattacks in the healthcare sector compared to before?
Dr. Seyedmostafa Safavi: The healthcare industry relies heavily on technology. With the pandemic, budgets have been even tighter than usual, making it difficult to invest in IT security. Cybercriminals are aware of this gap and have been targeting where they think there will be weaknesses, in pharmaceutical companies for example.
What is at risk?
Dr. Safavi: Data loss is one of the most important threats linked to HIS (Hospital Information Systems), LIS (Laboratory Information Systems), PHR (Personal Health Records), email servers, and many more. This often involves several endpoint devices covering various types of patient monitoring equipment that either connect to the internet or are unpatched and ready to be manipulated. These devices are often seen at clinics and pharmaceutical firms and they are at this point in time a clear focus for cybercriminals.
What measures can be taken in each country to increase the security of IT healthcare ecosystems?
Dr. Safavi: Despite the difficulties ahead, governments and the cyber world should work together to ensure security, privacy and digital rights. Governments need to take two specific actions to increase the security of IT healthcare ecosystems.
a) Adapting national frameworks first: Nations need to become more flexible in upgrading or developing national technology policies, as well as the cyberspace legal and regulatory framework. These measures will take a multi-stakeholder approach by paying close attention to developing the capacity to respond to accidents across all industries. Governments can not function alone and participation of the technical community and the private sector is essential in order to build a successful capacity for growth and recovery.
b) Stepping up global cooperation and awareness programs: Ever since COVID-19 broke out, information sharing has increased. We need to keep that momentum going and formalize it for all issues related to cybersecurity and privacy. Cybersecurity requires international cooperation, so the connection between countries and industries needs to increase on all levels. There will be a new “virus” or a “common enemy” in cyberspace in the near future; therefore collaboration at the policy, technical and law enforcement levels will be vital in order to protect us and enable us to work together to find solutions.
Could the increasing use of AI create greater opportunities for cyberattacks or for cybersecurity?
Dr. Safavi: As businesses struggle to tackle more and more sophisticated cybersecurity threats, the magnitude of which is intensified by both the fragmentation of IT perimeters in today’s mobile and IoT world, combined with an extreme shortage of skilled security professionals, IT security teams need both a new approach and powerful new resources to protect data. We are increasingly looking to artificial intelligence as a main tool for winning the battle against risks within IT infrastructures. Security products with AI capabilities can help reduce false alerts and provide more forensic efficiency to improve the capacity of security teams when it comes to finding and responding to threats that skip firewalls more quickly.
Are there any particular security concerns with data from wearable devices?
Dr. Safavi: Yes, there are four smart device data privacy and security issues:
a) Data sharing to third parties: As consumers of these tools for health surveillance, we also add health information to a centralized database managed by the device manufacturer. Most privacy policies for fitness trackers are ambiguous and constantly changing, with platitudes starting with valuing your privacy and finishing with we share your information with third parties since the privacy regulations of HIPAA still aren’t relevant to this new sector. That is how they can sell your data after you accept the terms and conditions.
b) Is it secure? We have assigned these corporations with the task of collecting our personal health information, but what measures will be taken to ensure our information is safe? Do they encrypt the data and review who has access to your information?
c) Look for sharing options in a setting: These organizations have social networking services, so subscribers can choose to share their information with others, but most of the time this facility is turned on by default so ensure all of the default privacy settings are reviewed before you start using it.
d) Who owns your data? As the operator and producer of your very own health data, you should be concerned about who has access to your data.
How do you see the future of cybersecurity in the healthcare sector?
Dr. Safavi: I can mention that there is no future without the proper protection of health data. These are my predictions for what will be in our near future:
a) Ransomware will have an increasingly worse impact. New ransomware attacks block authorized users from accessing files and services and copy data to the cloud until the ransom demanded by cybercriminals is paid. Healthcare is such a proven easy target now that perpetrators with a more targeted approach can increase the frequency of attacks. It could become a tragedy for a multitude of healthcare services that are sitting with under-prepared processes and technologies.
b) The safeguarding of electronic health records will become essential very soon. Past experience has shown us that problems with not patching operating systems and IoT devices can bring security concerns for preserving patient safety.
c) Discussions regarding safety and privacy will be modernized soon. The healthcare industry is interested in the potential of IoT devices linked to remote medical service providers, which reported a 27% growth per year. This growth will bring a new level of discussion for security concerns with it.
d) Mobile and safety systems. A further innovation will be development in mobile health technology which could be the key to understanding your body in just a second, but when we add private data, the path to this data will be accessible to cybercriminals.
This interview was conducted by Célia Sampol for our sister publication MedicalExpo e-magazine.