October 8, 2021

The blueprint for keeping healthcare secure

ForeNova’s Attack Surface Blueprint for healthcare organisations

  • threat detection
  • NDR
  • cybersecurity
  • ransomware

As we continue to deal with the ramifications of the COVID-19 pandemic, another global pandemic is reaching a critical point—ransomware. Attacks are on the rise, with a 151% increase in volume in the first six months of 2021, compared to the same period last year, and recent victims illustrate that no industry is immune.  Targets this year alone have included the world’s largest pipeline, a chemical distributor, a major food processor, and a multinational hardware and electronics company, Acer, who received a ransom demand of $50 million, the highest figure ever reported.

In Germany alone, 3,747 ransomware incidents cost enterprises and governments $4.6 billion in ransom demands and downtime costs in 2020. Along with business interruption and financial loss, ransomware decreases enterprise productivity and can have a significant impact on human lives. When Dusseldorf University Hospital was the victim of an attack last September, it was unable to accept emergency patients. This attack resulted in a loss of life when a patient was re-routed to another hospital, 20 miles away.

The healthcare industry is in a critical state 

Looking at healthcare, there was a 47 percent hike in cyberattacks on hospitals and healthcare networks in 2020. With legacy infrastructure, outdated security controls – often due to budgetary limitations – and the notoriously slow adoption of digital technology, the fact that these organisations are being heavily targeted is not surprising. After all, it’s common knowledge that they house a wealth of valuable information, with patient data being the most critical to safeguard. 

Electronic health records, wireless medical devices, including cardioverter defibrillators, pacemakers, and insulin pumps, and the growth of telemedicine and remote work, accelerated by the pandemic, are all contributing to a critical state in the industry. Ransomware gangs understand the playing field and are adept at targeting the most vulnerable—and the most alarming part is that they may already be in the network waiting, for days or weeks, to strike. These high-stakes, life-or-death consequences create a sense of urgency for healthcare organisations who often must move swiftly to resolve a cyberattack by paying the ransom. 

Healthcare Attack Surface Blueprint 

With escalating threats and increasing vulnerabilities, prevention is no longer enough. Much like a doctor recommends a regular healthcare routine – a healthy diet and regular exercise – healthcare organisations must now practice a regular ransomware routine – proactively looking for hidden threats. This is where ForeNova’s Attack Surface Blueprint, delivered by NovaCommand, comes in.  

The attack surface blueprint helps enterprises, across all industries, avoid becoming the next victim by seeing what the criminals see. It provides a complete view of an organization's IT landscape, including the most common exposures - and easy targets for cybercriminals.

Built by ForeNova’s team of ransomware experts, using data gathered from thousands of enterprises, ransomware attacks, and undetected threats, attack surface blueprints gives security professionals the intel required to move quickly and confidently in responding to threats. With visibility into your ‘attack surface’, you can start to fight back–and beat ransomware gangs at their own game using the Network Detection and Response solution, NovaCommand. 

Network Detection and Response 

Through a combination of machine learning, advanced analytics, and rule-based detection, NovaCommand eliminates blind spots in the network to quickly mitigate threats.

Here’s how it works. As a complete NDR offering, it provides enterprises with deep network visibility into on-premise and cloud environments. Using ML to model the normal behavior of network traffic, NovaCommand can quickly identify abnormalities. It then eliminates false positives to focus on suspicious network traffic and activities that may represent a cyberattack. These techniques include signature analysis, malware detection, sandboxing, indicators analysis, email security, web security, machine learning, AI, deception, and asset risk analysis.

Once a threat has been detected, NovaCommand prioritizes the threat and triggers the correct response actions. These response actions, which can be manual or automated, are possible by having integration with firewall vendors, endpoint protection vendors, and other security products like network access control solutions. Response actions can block ports, trigger an endpoint scan or block a port on a physical switch. NovaCommand also provides incident responders with the tools they need to make risk-based decisions and mitigate attacks in near real-time.

While the ransomware diagnosis seems grim for hospitals and healthcare providers, and industries at large, the best protection is a proactive security posture. By uncovering hidden and unknown threats, and leveraging automated threat response, organisations can close security gaps much faster and greatly reduce strain on internal resources. While we can’t stop the spread of ransomware – remember it’s not if an attack will happen, but when – we can help protect your organisation from new and persistent cyber threats. 

Ready for your custom blueprint? 

Get Your Attack Surface Blueprint