How to Stop Attackers That Target Healthcare Imaging Data
- by 7wData
Even before COVID-19 disrupted operations, organizations accelerated their digital transformation initiatives to meet changing customer expectations. One sector that particularly embraced this shift is healthcare, where organizations rapidly developed and adopted a range of digital health solutions, such as electronic health records and AI-aided drug discovery.
Healthcare is "an industry that had been moving forward with digitization under numerous different names and approaches well before the onset of COVID," says Guy Becker, director of healthcare products management at cybersecurity company Sasa Software. However, this rapid digitization has also resulted in a sharp spike in criminal cyberattacks on the healthcare industry.
Check Point reports a global increase in attacks on organizations between November and December 2020. The report showed a 137% increase in East Asia, a 112% rise in Latin America, a 67% rise in Europe, and a 37% increase in North American healthcare organizations. In recent years, there has been a dramatic increase in cybersecurity incidents in the healthcare sector, such as computer virus infections, ransomware, and the theft and publication of patient data.
The reality is grimmer today, especially when you consider that scanned medical documents and other healthcare images often contain sensitive data. NTT Research recently held a hackathon to find ways to use attribute-based encryption (ABE) to address that situation and others.
"Metadata stored within medical images, including X-rays and CT scans, can disclose confidential information like patient names, photographed body parts, and the medical centers or physicians involved, leading to patient identification," explains Jean-Philippe Cabay, data scientist at NTT Global in Belgium, whose team won the hackathon. "Attribute-based encryption ensures that only authorized users with the appropriate attributes can access medical images, keeping them secure and private."
Hospitals and healthcare organizations are working to protect digital imaging and communications in medicine (DICOM) files, according to Becker. This development results from the convergence of several factors: increased attacks on healthcare due to the high value of its data (worth at least 10 times more than credit card data on the Dark Web) and its traditionally weak security posture; demand for heightened healthcare security by governments and the EU; increased need for remote healthcare services due to COVID; and a general digital transformation trend to streamline and digitize services.
In addition, the risk posed by potentially malicious imaging files is compounded by the growing risk of breached medical devices. For example, imaging machines operating within the hospital network can be compromised without the knowledge of the technicians and engineers looking after them. Such a compromise could lead to malicious code being injected into clinical data and spreading across a hospital's network. Because imaging clinics and medical centers often need to transfer imaging data, a breach of such transfers could expose sensitive patient data, with devastating consequences.
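The header fields named above can be audited before an imaging file leaves the clinic. The following is an added example, not code from the article or from anyone it quotes: a minimal DICOM header reader that assumes Explicit VR Little Endian encoding and stops at pixel data or nested sequences. The function names are hypothetical and SAMPLE is a constructed header.

```python
import struct
# Standard DICOM tags for the header fields the article names as identifying.
IDENTIFYING = {
    (0x0010, 0x0010): "PatientName",
    (0x0018, 0x0015): "BodyPartExamined",
    (0x0008, 0x0080): "InstitutionName",
    (0x0008, 0x0090): "ReferringPhysicianName",
}
# Value representations that use the 4-byte length form in Explicit VR.
LONG_VRS = {b"OB", b"OD", b"OF", b"OL", b"OV", b"OW", b"SQ",
            b"UC", b"UN", b"UR", b"UT", b"SV", b"UV"}

def identifying_fields(data: bytes) -> dict:
    """Return identifying header values found in a DICOM Part 10 byte string."""
    if len(data) < 132 or data[128:132] != b"DICM":
        raise ValueError("missing 128-byte preamble and DICM marker")
    found, pos = {}, 132
    while pos + 8 <= len(data):
        group, elem = struct.unpack_from("<HH", data, pos)
        if data[pos + 4:pos + 6] in LONG_VRS:
            if pos + 12 > len(data):
                break
            (length,) = struct.unpack_from("<I", data, pos + 8)
            start = pos + 12
        else:
            (length,) = struct.unpack_from("<H", data, pos + 6)
            start = pos + 8
        # Stop at pixel data, undefined-length items, or a truncated element.
        if (group, elem) == (0x7FE0, 0x0010) or length == 0xFFFFFFFF \
                or start + length > len(data):
            break
        name = IDENTIFYING.get((group, elem))
        if name:
            found[name] = data[start:start + length].decode("ascii", "replace").rstrip(" \x00")
        pos = start + length
    return found

def make_element(group, elem, vr, value):
    value += b" " * (len(value) % 2)  # DICOM values are padded to even length
    return struct.pack("<HH2sH", group, elem, vr, len(value)) + value

# Constructed sample header (not real patient data).
SAMPLE = b"\x00" * 128 + b"DICM" + b"".join([
    make_element(0x0008, 0x0060, b"CS", b"CT"),
    make_element(0x0008, 0x0080, b"LO", b"Example Hospital"),
    make_element(0x0008, 0x0090, b"PN", b"Doe^Jane"),
    make_element(0x0010, 0x0010, b"PN", b"Test^Patient"),
    make_element(0x0018, 0x0015, b"CS", b"CHEST"),
])
```

A non-empty result from `identifying_fields` means the file still carries patient-identifying metadata and should be de-identified or encrypted before transfer.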
Becker says the protection of sensitive imaging networks begins with the standard recommended measures: network segmentation, timely backups, frequent updating of systems and applications, the use of advanced intrusion detection and prevention systems, and regular employee education and training.
Some of these measures pose particular challenges for healthcare organizations.