Tag: cyber security for healthcare

CYBERSECURITY for hospitals

Hospital Cybersecurity: Why It Matters

Michelle

Hospitals have come to rely heavily on their medical computer infrastructure. Everything from billing information to patient medical histories are stored on digital devices. These devices have made the task of record keeping much easier for your workers. But they also make it much easier for criminals to access sensitive information. Hackers have taken to targeting businesses of every size, with no leeway given to vital industries such as healthcare. One slip-up can lock your workers out of their computers for days. This can cost your hospital a fortune, and create a PR nightmare. Hospitals need to focus on increasing their cybersecurity in order to avoid help being targeted for these attacks.

Ransomware Hacks Are Only Increasing

Ransomware attacks rose by an astonishing 62% from 2019 to 2020. These attacks don’t just target the industrial sector, they have their eyes on hospitals as well. According to Dean Sittig, PhD, professor of biomedical informatics at the School of Biomedical Informatics at UTHealth in Houston, “Cybercriminals try every hospital, every day; every computer, multiple times a day.”

These attacks work by targeting your employees, vulnerabilities in your medical computer system, or a combination of the two. Once they gain access to your system, they lock all of your files through encryption. They promise to unlock them once given a bounty. Hospitals pay these bounties in crypto currency. This leaves little hope of tracing the transaction and holding the cybercriminals accountable.

In 2019, a ransomware attack against a hospital locked staff out of their computers, causing them to miss early warning signs that ultimately led to the tragic death of an infant. These sorts of stories will only become more common as the ease at which hacks can occur as well as their payouts increase.

What Are Cybersecurity Authorities Doing?

After a cyber attack that took out a major U.S. oil pipeline, the federal government began taking ransomware attacks more seriously. As of now, the Biden administration has taken preliminary steps to address the crisis. These include encouraging more businesses to report attacks. Biden also met with 30 countries to address the issue. While concrete actions are still sparse, there are steps hospitals can take in the meantime to help fend off would-be attackers.

What Your Hospital Can Do To Ward Off Cyber Attacks

Here are some things your hospital can do to help stay safe:

  • Have mandatory cybersecurity training with staff that covers the basics of phishing
  • Limit internet access in your building
  • Have a cybersecurity consultant on retainer 
  • Keep all medical computers updated with the latest software updates
m24t medical grade computer bioengineering
Tangent M24T Medical Computer

One of the major ways hackers can access systems is through computers with old, outdated software. The longer a piece of software has been out, the more time hackers have had to exploit it. New medical computers like the M24T have the latest versions of windows installed directly on them, which can help prevent cyber attacks. Tangent has a full lineup of medical computers built to help hospitals in their medical work, as well as being fully updated. For more information, contact Tangent Sales today.

medical computer safety

Keeping Your Hospital Safe From Hackers and Malware

Michelle

Many of us seldom think about who—or what— is watching us as we browse the internet. Many websites make use of cookies, which are snippets of code that help keep track of data such as passwords or shopping cart items while you browse the site. While cookies are mostly harmless, similar technologies can be deployed to mine your personal data to gain access to your not only your personal, but work accounts. Keeping your and your staff’s personal data safe on hospital medical computers is crucial to preventing system-wide hacks that can lead to extortion, or worse.

How Do Hackers Infiltrate Medical Computer Networks?

While it’s fun to think of hackers as super-smart, leather trench coat wearing folks sitting behind multiple monitors smashing away at keyboards, the reality of hacking is that many hackers rely on their victim’s human errors. Phishing emails, short and easy-to-guess passwords, and outdated software can turn one medical computer on your network into a hacker’s playground.

 

  • Phishing emails are designed to appear as legitimate emails, often giving off the impression of being sent by a supervisor, IT, or even a friend. These emails typically give a long, contriving explanation as to why certain sensitive data needs to be sent to the phisher immediately. Users of medical computers who are not trained to detect such emails are lured into the false urgency of the email, and send off their personal information without thinking about who it is going to. 
  • There are many misconceptions about passwords, namely that having difficult, complex passwords is the best way to protect your data. While complexity is a factor of how hard a password is for hackers to guess, it often leads to personnel forgetting their passwords to their medical computers and having to constantly reset them.
  • Outdated software on your medical computers constitutes one of the easiest backdoors that hackers have into your network. Outdated software is susceptible due to hackers having more time to figure out how to hack into the software, and being able to use the same method across multiple medical computers.

 

What Damage Can Hackers Do To Medical Computer Networks?

Simply put: it’s a hacker’s world, we’re just living in it. Charles Henderson, global head of IBM’s hacking unit X-Force Red, took to the stage at this year’s Blackhat cybersecurity conference and hacked an ATM, turning it into a cash dispenser in just a few minutes. If a computer exists, it can be hacked and likewise, your medical computers can be hacked. But it’s not just medical computers either, even pacemakers or insulin pumps can be hacked by nefarious folk.

 

While the prospect of patient’s life saving apparatus suddenly being disabled by deviants is justifiably terrifying, most hackers aren’t out to cause such chaos. Instead, they are after one thing: money. Hackers have taken to infiltrating hospital’s medical computer networks, and locking down all files until a ransom is paid. This ransom takes form in the form of untraceable bitcoin, allowing for the hackers to make a clean getaway without ever having set foot in your hospital. Hancock Health was forced to pay hackers $55,000 in 2018 in order to re-access their files that hackers had encrypted and held for ransom. 

 

Preventing Medical Computer Hacking

It’s more than likely that your hospital would not like to pay hackers for access to your own medical computers. Preventing hackers from infiltrating your medical computer network is not as simple as we may like to think, but there are certain ways you can stay one step ahead of the dark web. 

  • Hold Trainings

The easiest way to prevent medical grade computer breaches is to train your medical staff to recognize the various ways that they are constantly under cyber-attack. Medical grade computers are hot-beds for attacks from all angles such as phishing. There are multiple courses, as well as DIY seminars that can teach your staff how to recognize phishing emails, and how to handle them properly. Never ask your staff for any personal information via email, and inform them that any such requests will take place in person. The urgency suggested by phishing emails may cause staff to panic and forget to check who is sending them such emails, but if they know that supervisors would never ask for such information via email they can handle the situation properly.

  • Better Passwords

Complex passwords are a good way of keeping your medical grade computers safe, but they lead to confusion and wasted time by staff trying to remember their logins. Try having your medical staff use passphrases to login to their medical grade computers instead. Passphrases are simply long, easy to remember sentences that staff can use as a password for their medical grade computer that would take a hacker literal centuries to crack. An example would be using “thisismygreatpasswordthaticanremember” instead of “password”.

  • Update Medical Grade Computer Software

If you haven’t updated your medical grade computer’s software in a while, the best time is yesterday. Medical grade computers have to run many different software packages, and while it may be a pain to keep every single one updated, it is crucial to your medical grade computer’s integrity.

 

There’s no one-size-fits-all solution to keeping your medical grade computer network safe. Only a trained and aware medical staff can help keep hacking risks to a minimum. Medical grade computers are only as capable as their users, and keeping your users informed is the best practice.