As cybercrime continues to plague the healthcare industry, a model that focuses on identifying and blocking every step of a cyber attack can help providers stay one step ahead of hackers.
The need for effective cybersecurity protocols in the health system is more urgent than ever. In the first six months of 2021, Data breaches increased by 27% According to a recent report, it has increased to 343 compared to the same period last year.This year, many providers have become victims of ransomware attacks, including large and resource-rich providers such as Trinity Health with UPMC.
The answer to health care cybersecurity questions may lie in models adopted by other industries, such as the “cyber kill chain” model, said Chief Information Security Officer Steve Winterfield. Akamai Technology, A cyber security company.
The model was developed by the defense contractor Lockheed Martin as a framework for military operations. Using this model, the military can outline all the steps of a potential attack and then develop strategies to stop it at each step. Winterfield said in a telephone interview that the same model can be used to detail the steps involved in a healthcare ransomware attack, enabling organizations to protect themselves at every point.
“The reason we call it a kill chain is that you can stop [the hackers] When they conduct reconnaissance, you can stop them when they attack, and you can stop them when they establish command and control [over your systems]”,” he said. “If you use this method, the old saying is that the defender must be correct every time, and the attacker must be correct only once, which is incorrect. [The attackers] Now it must be correct multiple times to succeed. “
Once they outline the steps for a cyber attack, the health system can consider implementing a combination of defense strategies. For example, they can eliminate system vulnerabilities through patching, contain malicious attachments sent via email through filtering, and prevent access to infected websites through secure network gateways, Winterfield said.
This model helps the health system take a programmatic rather than passive stance on cybersecurity.
“It allows you to look at what might happen to you from start to finish and evaluate [your response] At every stage,” Winterfield said. “Instead of a point solution, you ask yourself [how to ensure] Prevent-detect-respond throughout the life cycle of the attack. “
However, although the “cyber kill chain” model can help the health system figure out what needs to be done, it does not mean that the health system must have the necessary conditions to do so.Mike Kijewski, CEO of cybersecurity company, said that implementing this model requires a lot of financial and human resources. MedCrypt, In an email.
These demands were made at a time when most hospitals were facing severe funding shortages, and Covid-19 made the situation worse.
“JP Morgan Chase reports that they spend US$660 million on cybersecurity each year, accounting for about 0.5% of their total revenue,” Kijewski added. “Hospitals need to be able to spend the same proportion of their budget on cybersecurity, but there are very few resources available to do this.”
However, despite the tight resources, hospitals still face a choice: Don’t add expensive technology that helps prevent attacks, or risk the expense and reputation loss of being attacked.
As cybercrime worsens, models like “cyber kill chains” may help them effectively defend against various bad actors who want to infiltrate their systems.
Photo: sdecoret, Getty Images



