You’ve probably heard the infamous story about how Dick Cheney’s heart defibrillator was modified to prevent it from being hacked while he was vice president. While Cheney’s medical team was quick to address this particular issue, the larger healthcare community has been slower to react to persistent threats and medical device security remains a growing concern even 11 years later.
Carolyn Crandall, chief deception officer for security company Attivo Networks, says, “Healthcare IT teams need tools in their arsenal that not only defend the network perimeter but also help them detect and respond to in-network threats quickly, efficiently, and effectively.” These tools, of course, include a technology Attivo sells: deception software.
Written by: Carolyn Crandall, Chief Deception Officer & CMO It was great to attend the NH-ISAC 2018 Spring Summit last week in Ponte Vedra Beach, FL as Grand Round Sponsors. This year’s conference was primarily focused on fostering and building relationships within the trusted healthcare and public health sector community through educational events aimed at advancing the global health sector’s cybersecurity approach. As a Grand Rounds Sponsor, Attivo had a tremendous opportunity to engage with the healthcare community and gain feedback on top security concerns and challenges.
Over the last few years, the healthcare industry has become a prime target of cyber-attacks. While most healthcare organisations are committed to patient privacy no matter what it takes, some are still behind in terms of cybersecurity adoption and advancement…Ray Kafity, vice president for Middle East, Turkey and Africa at the cyber security firm Attivo Networks, says healthcare organisations are turning to the likes of “deception technology” to provide early detection of, and response to, in-network threats that have bypassed other security controls.
“The biggest threat posed by cyber-criminals today is their ability to remain undetected in the network for months, once they have bypassed perimeter defences,” he said. “New technologies and approaches like deception-based threat detection will be one of the techniques and investments that organisations will adopt to close this gap and strengthen overall defences.”
Deception technology is a powerful tool that can help secure company assets, safeguard patient data and transform the network into an environment where the attacker cannot determine what is real and what is fake. These traps and lures detect lateral movement, credential theft, ransomware and Active Directory reconnaissance, ultimately revealing an attacker’s activities as they try to scan systems or attempt to download malware onto medical devices.
By: Carolyn Crandall Smart medical devices have incredible potential to save lives and improve our general well-being, but they also present a host of untold threats that have yet to be fully exploited. You’ve probably heard the infamous story by now. Several years ago, it was revealed that Dick Cheney’s defibrillator was modified to prevent hacking. While Cheney’s medical team was quick to address this particular issue, the larger healthcare community has been slower to react to persistent threats and medical device security remains a growing concern even 11 years later. Almost 36 (35.6) percent of organizations’ IoT-connected medical device ecosystems experienced a cybersecurity incident in the past year, a recent Deloitte survey revealed. That’s more than one third of organizations experiencing some type of threat to the smart medical devices they are in charge of protecting.
Cyberattacks against IoT devices have grown markedly over the past two years, prompting a warning from Interpol that nearly any IoT device – from refrigerators to smart phones – is vulnerable to attack.
As attacks proliferate, law enforcement struggles to keep up, according to a report in the Express.
“Attacks on IoT devices such as internet connected fridges, TVs, smart home devices etc. are down to flaws in the software running on them, and attacks will continue to happen until those flaws are dealt with. Good practices by vendors around configuration and authentication need to be initiated or matured to prevent this in future,” said Adam Brown, manager – security solutions, at Synopsis. “The famous Mirai botnet attack of late 2016, which saw the likes of Twitter, Netflix and others knocked out of service, was made possible because of the use of default credentials in IoT devices – a flaw in the design.”
Brown said he “would love to see certification for IoT devices become commonplace so that consumers can know that the devices are cyber safe, much in the same way that if you buy a toy with a CE mark you know it has been through a process of assessment and it won’t, for example, poison anyone because it has lead in its paint.”
“We welcome Attivo Networks to the BD Product Security Partnership Program as an important collaborator in our collective quest to improve cybersecurity across the health care industry,” said Rob Suarez, director of Product Security for BD. “The Attivo BOTsink solution was rigorously tested and validated by BD to tailor their protection technologies to work with our medical technologies, rather than being introduced as an afterthought.”
Then, I heard about Attivo and as one of the four CDM judges on our Infosec Awards from 2017, with them being one of our winners, receiving an overwhelming positive vote from the judges, I wanted to dig into what they are up to a little further and look at them within the purview of the Time-based Security model – could a solution like the Attivo ThreatDefendTM Deception and Response Platform actually deliver a way to slow down the breaches, because, frankly, we’re not yet going fast enough to stop them?