A whitepaper released by SANS Analyst Program (sponsored by Norse) predicts an increase in risks to healthcare systems and data given “more open exchanges of health care information between patients, insurers, doctors and pharmacists.” The report subtitled “Widespread Compromises Detected, Compliance Nightmare on Horizon,” describes results from another SANS report, “Biggest Culprits: Internet of Things and Security Devices,” which concluded that since the healthcare and pharmaceutical sectors will employ more devices, the threats are greater.
Specifically, the SANS analysis showed that the healthcare system’s critical information systems are poorly protected and often compromised. These issues affected radiology imaging software, video conferencing systems, digital video systems, call contact software, security systems and devices, including VPNs, firewalls and routers. The report’s author warns: “As compared to traditional IT systems, incidents involving Things, such as a hacked MRI machine, can carry physical consequences, as well as policy and financial impacts.”
- Connected medical endpoints (examples: online health monitoring to radiology devices to video-oriented services);
- Internet facing personal health data (example: web-based call center for medical supply entity);
- Security systems and edge devices (example: enterprise network controllers).
The report details the findings of a study that reviewed the largest sources of malicious traffic.
To get a copy of the report, go to:http://norse-corp.com