You’re Still Using that OS? Major Security Threats in Healthcare


Believe it or not, this very scenario is actually a reality for a highly regulated industry. As Windows XP celebrates its quinceañera, the healthcare industry is a VIP on the guest list. With XP boxes managing electronic health records, it’s no wonder malicious actors are deploying ransomware attacks before they even have their morning coffee.

Recent Attacks on Healthcare Institutions

Security threats in healthcare have risen sharply in 2016. While we’re seeing reports of healthcare data breaches, many still remain invisible to the public. Victims of the attacks are remaining silent and not disclosing ransom amounts, for fear of damaging their reputations.

It’s estimated that ransom payments worldwide have reached around $300,000 per day. This year alone, we’ve seen attacks on:

  • MedStar Health (Maryland)
  • Hollywood Presbyterian Medical Center (California)
  • New Jersey Spine Center
  • Marin Healthcare District (California)
  • Urgent Care Clinic of Oxford
  • University of Southern California’s Keck and Norris Hospitals
  • Professional Dermatology Care (Virginia)
  • Kansas Heart Hospital
  • Alvarado Medical Center (California)
  • King’s Daughters’ Health (Indiana)
  • Chino Valley Medical Center (California)
  • Desert Valley Hospital (California)
  • Methodist Hospital (Kentucky)
  • Ottawa Hospital

6 Steps to Protect Against Security Threats in Healthcare

Ransomware has already caused significant damage, but there is no sign of that slowing. Rather than accepting this fate, it’s time to up your security practices with these steps:

Activity Monitoring

Constant monitoring of all processes on endpoints is imperative as the healthcare industry adds mobile and IoT devices. With networks diversifying while outdated technologies like Windows XP remain in use, cybercriminals are sniffing out the weaknesses. They use Tor (The Onion Router) browsers to connect to infected websites from exploited machines. By detecting these outbound connections immediately, threats can be stopped in their tracks.
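
The outbound-connection check described above, sketched as an added example (not SentinelOne's code or part of the original post). The log format, host names and relay addresses are constructed, and the port numbers are Tor's defaults, assumed here as a fallback signal:

```python
import ipaddress

# Assumed Tor defaults: ORPort 9001 and DirPort 9030 on relays; SOCKS 9050
# (tor daemon) and 9150 (Tor Browser) locally. Relays also listen on 443,
# so the relay list is the stronger signal and the ports are a fallback.
TOR_RELAY_PORTS = {9001, 9030}
TOR_SOCKS_PORTS = {9050, 9150}
# Constructed stand-in for a regularly refreshed list of Tor relay addresses.
KNOWN_RELAYS = {"203.0.113.10", "198.51.100.77"}

# Constructed endpoint log: timestamp host process remote_ip remote_port
SAMPLE_LOG = """\
2016-11-02T08:14:03Z XP-RAD-07 iexplore.exe 192.0.2.25 443
2016-11-02T08:14:09Z XP-RAD-07 svchost.exe 203.0.113.10 443
2016-11-02T08:14:11Z XP-RAD-07 svchost.exe 127.0.0.1 9050
2016-11-02T08:15:40Z NURSE-WS-12 update.exe 192.0.2.90 9001
2016-11-02T08:16:02Z NURSE-WS-12 outlook.exe 192.0.2.25 993
truncated line
"""

def parse_line(line):
    """Return (host, process, ip, port), or None for a malformed record."""
    try:
        _, host, process, ip, port = line.split()
        return host, process, ipaddress.ip_address(ip), int(port)
    except ValueError:  # wrong field count, bad address or bad port
        return None

def classify(ip, port):
    """Name the reason a connection looks Tor-related, or return None."""
    if str(ip) in KNOWN_RELAYS:
        return "known-tor-relay"
    if ip.is_loopback and port in TOR_SOCKS_PORTS:
        return "local-tor-socks-proxy"  # a Tor client is running on the host
    if not ip.is_loopback and port in TOR_RELAY_PORTS:
        return "default-tor-relay-port"  # weak signal, needs triage
    return None

def scan(log_text):
    """Return (alerts, skipped): flagged connections and unparseable lines."""
    alerts, skipped = [], 0
    for line in filter(str.strip, log_text.splitlines()):
        record = parse_line(line)
        if record is None:
            skipped += 1
            continue
        host, process, ip, port = record
        reason = classify(ip, port)
        if reason:
            alerts.append((host, process, reason))
    return alerts, skipped
```

Counting skipped lines matters as much as the alerts: a monitor that silently drops records it cannot parse leaves a blind spot on exactly the legacy hosts the section is concerned with.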

Backup or Pay Up

HIPAA imposes severe penalties for compromised data. With BYOD and the flux of managing patient data on mobile devices, this becomes a major concern. Enterprise file sync-and-share software can automatically replicate data to a back-end file server. With the great number of devices now in use, the storage space required can be significant. To ease this issue, it’s important to deploy storage deduplication or similar technologies to minimize the data footprint.

In the event of a major attack, adequate backups will provide some relief. Restoring files from backups is always preferred over paying a ransom.

Immunize the Network

We do it for measles, so why not the network? Choose security software that detects never-before-seen threats and notifies the network with an update, instantly. This prevents the threat from spreading and running on other machines.

Move to the Cloud

Most ransomware known to date hasn’t been able to penetrate the cloud. With the prediction of increased attacks in the coming year, it might be time to consider using file-sharing systems like SharePoint and OneDrive for Business.

Prevention Scanning

Static prevention will block known threats, but we are seeing ransomware slip by antivirus tools. Flash-based content, documents containing macros, and infected websites are all to blame. Security software that provides a layer of preemptive protection through cloud reputation services can be helpful. These solutions can send hashes of executed binaries that exhibit suspicious behavior. Malicious files and sources can then be proactively blocked to contain and diminish any threats presented to the network.

Keeping Patient Information Safe with SentinelOne

2017 is just around the corner and we want it to be a more secure year for healthcare. SentinelOne unifies prevention, detection, and response in a new approach to endpoint and server protection. Leveraging behavior-based threat detection and intelligent automation, you can be sure HIPAA-regulated information will be guarded from ransomware. [SentinelOne has been certified by a third-party assessor to meet HIPAA requirements.] To learn more about how we protect against security threats in healthcare, contact us today and be sure to read our whitepaper on Healthcare Cybersecurity.