18-Sep-2020
Since medical facilities are particularly vulnerable to security threats due to their open network architectures and simply because of the large number of users, it needs special attention to network security and data transmission. Access to information via private mobile devices must remain verifiable and be secured by appropriate encryption technologies such as VPN. In addition, you need to be compliant with legal regulations such as GDPR and KRITIS and industry standards such as the B3S (in Germany).
Complete failure of the IT at the University Hospital in Düsseldorf
The fact that IT security in hospitals and the health care system in general is of essential importance is shown not least by the recent incidents surrounding the failure of the entire IT at the University Hospital in Düsseldorf. A few days ago, 30 servers of the university hospital had been encrypted and an extortion letter had been transmitted. The background to the IT failure was ransomware, which is often infiltrated into end devices via spam e-mails, infected removable drives, hacked or compromised websites or even hidden in legitimate software bundles.
The spicy thing about this case: Apparently, the blackmail letter was delivered to the Heinrich Heine University in Düsseldorf, so it is assumed that the university hospital was not the intended target of the attack. Allegedly, the blackmailers had withdrawn their blackmailing after the Düsseldorf police had contacted them and informed them that the welfare of the patients was at considerable risk. After the IT system of the university hospital of the capital of North Rhine-Westphalia failed, the building could no longer be accessed by ambulances and rescue services.
The fact that the hospital could be attacked at all was due to a suspected security gap in an application. Until this could be closed by a patch, the attackers already had enough time to penetrate the hospital systems and encrypt data access.
Application protection in healthcare
IT security gaps in healthcare applications can have devastating consequences. The more web applications are used, the higher the potential threat to those that are accessed via the web and are therefore vulnerable to external attacks.
Ransomware infects healthcare infrastructures repeatedly, because in 24/7 hospital operations it is very difficult to keep software infrastructure up-to-date or even to get a possible downtime slot. Computers running legacy software that only runs under special operating systems or driver versions are also an easy target. Added to this are the often obsolete devices that can hardly be updated and thus act as a reservoir for malware that is distributed in the network.
The more areas within a hospital are optimized by IT systems, the more they become potential targets for attack. In recent years, hospitals around the world are targets because hackers do not stop at the healthcare sector. However, only future-proof, proactive, state-of-the-art cybersecurity solutions can guarantee functioning healthcare services and secure, networked hospital operations. We have summarized how this can be achieved in IT security in the healthcare sector.
After being contacted by the police in Düsseldorf, the blackmailers transmitted a digital key to decrypt the data. Now the responsible public prosecutor's office is investigating for negligent homicide, as an emergency admission could not be made and a patient died.