Report shows ‘Alarming’ State of Healthcare Cyber Security

As the healthcare industry moves further into the modern era, emerging technologies facilitate the workflow of physicians and radiologists. The advent of products such as Electronic Medical Records Software has led to better patient outcomes and improved care strategies, allowing doctors to track medical histories across various practices.

However, the rise of medical technology comes at the cost of increased risk of Web-based security breaches. According to a report released by the Internet security firm SANS Institute, many healthcare organizations around the country have had their security systems compromised by cyber attacks. Among the prominent sources of malicious Internet traffic, radiology software was found to be the most prevalent avenue of bypassing security measures.

Reviewing data captured between September 2012 and October 2013, the researchers found that radiology imaging software contributed roughly 7 percent of cyber attack traffic. The information was recorded using a live threat intelligence platform, which actively shows instances of cyber attacks and defenses in real-time. Over the course of the study, the group found 49,917 attacks, 723 malicious source IP addresses and 375 compromised health organizations.

“The time to act is yesterday. Organizations must become aware of the many attack surfaces in their organizations and follow best practices for configuring these systems and monitoring them for abuse,” wrote report author Barbara Filkins.

Finding the biggest threats
Breaking down the specifics of the report, the researchers from SANS found that – ironically – the most common sources of cyber attacks came from security software. Thirty-three percent was attributed to virtual private network applications and devices, 16 percent to firewalls, 8 percent to call center websites and 7 percent each to routers, video conferencing systems and Medical Imaging Software.

One of the biggest concerns the researchers voiced was regarding the volume of malicious source IPs found in the targeted sample. They believe that the number could easily be hypothesized to include millions of other organizations and systems that are also compromised and simply have not been discovered yet by administrators. Additionally, some of the organizations were alerted to the attacks but did nothing to fix the weaknesses found in their systems.

With organizations being penalized financially under HIPAA for their vulnerabilities, it is important they design new systems to improve their Healthcare Cyber Security capabilities. Stronger, more intricate passwords that are changed often, as well as increased security assessments, are just a few of the viable options available to imaging facilities.

Contact Viztek for More Information