Cybersecurity Awareness Month: Securing Internet-Connected Devices in Healthcare
Key Takeaways
Cyber Security Month: Week 3
It’s important that everyone has the resources they need to be safer and more secure online. For this reason, the U.S. Department of Homeland Security and the National Cyber Security Alliance (NCSA) designated October as Cybersecurity Awareness Month. Here at Guardio, cybersecurity is all that we do. Not only do we seek vulnerabilities in other products, but we also work hard to keep individuals safe in their day to day browsing.
The Guardio Blog is full of resources you can use to educate yourself about the latest threats and tips to stay safe. In honor of Cybersecurity Awareness Month, this article is the third in a series of four, dedicated to providing you with the resources you need to be safe and more secure online. Check out previous week’s articles here:
Week 1: If You Connect It, Protect It
Week 2: Securing Devices at Home and at Work
Securing Internet-Connected Devices in Healthcare
Shortly after Windows XP became defunct, I visited my doctor for a routine prenatal appointment. I was both stunned and alarmed to see that each of their computers continued to run Windows XP. Similar to Windows 7 End of Life, using Windows XP after it’s end of life opens the door to a number of security vulnerabilities that put patient and healthcare staff data at risk.
Each time Microsoft releases a security patch for newer operating systems, hackers can access a changelog highlighting any security holes that existed for older versions. This makes any network with an outdated device an easy target for ransomware attacks, keylogging, and other malware. Why should this matter for the average person like you or I? Identity theft.
{{component-cta-custom}}
Think about how much of your information your healthcare provider stores. For starters, they have your name, phone number, address, and birthdate. They also have your social security number, your driver’s license or identification number, your health insurance card, and a wealth of information about your health status. They have everything an identity thief needs to turn your world upside down.
83% of healthcare systems are currently using outdated and unsecure operating systems ^1.
This is a big deal. Whether you’re of the “it’ll never happen to me” mindset or you think you have nothing hackers could possibly want, your information carries a huge value to hackers and it CAN happen to you. It can happen to anyone.
Here are just a few of the breaches to occur in healthcare in 2020
- Health Share of Oregon: 654,000 Patients Cause: Theft of a vendor laptop ^2.
- Florida Orthopaedic Institute: 640,000 Patients Cause: Ransomware ^2.
- Elite Emergency Physicians: 550,000 Patients Cause: Improper disposal of patient records^2.
- Magellan Health: 365 Patients Cause: Ransomware ^2.
- BJC Health Systems: 287,876 Patients Cause: Phishing Attack ^2.
- Benefit Recovery Specialists: 274,837 Patients Cause: Malware ^2.
- Ambry Genetics: 232,772 Patients Cause: Email hack ^2.
- PIH Health: 199,548 Patients Cause: Phishing Attack ^2.
- BST & CO. CPAs: 170,000 Patients Cause: Ransomware ^2.
- Aveanna Healthcare: 166,077 Patients Cause Phishing Attack ^2.
What should individuals do to protect their information?
While you may be taking steps to stay safe online, this doesn’t mean that everyone else is doing the same. Health systems and other organizations experience data breaches often and not all of these breaches are made public. Companies hide breaches every day for fear of the negative attention and loss of business that comes with their breach of customers’ trust. Guardio offers account monitoring that can alert you right away if your account information was shared online or on the dark web for criminals to access so that you know to begin taking action to protect yourself right away.
Once you learn that your information has been involved in a breach, take steps to minimize the impact of the breach. In the long run, these steps often determine whether you become a victim of identity theft or simply need to change a few passwords. If you’re a victim of a data breach and aren’t sure what steps to take, use our guide: I've Been Breached: A Step By Step Guide to Protecting Your Data
Source
{{component-cta-custom}}
FAQs
