In mid-2017, a global ransomware attack that targeted the British National Health Service (NHS) and rendered computers inaccessible until a ransom was paid highlighted just how vulnerable hospital-based information and operational technology is, and how essential it is to protect it. However, one of the main issues with building adequate cyber security systems is knowing what needs protecting. If we use the NHS example, it is operational technology, rather than information technology, that has the potential to cause far greater damage if maliciously exploited.
Healthcare OT Security part of National CIP Plan
The national economy relies heavily on the continuity of healthcare services provided to the people. This becomes even more critical in the wake of a disaster, a disease outbreak, war or other catastrophe, as the public health sector will be among the key entities to step up to such an emergency. A proactive cyber and OT security strategy is therefore needed today to ensure that, while we reap the benefits of IoT, we do not jeopardize our security tomorrow. Besides ransomware attacks on healthcare, some adversaries may have other motives, which could be more catastrophic. Hospitals now use a number of devices along with more sophisticated systems for the diagnosis and treatment of their patients. They are looking to cyber security companies and OEMs to collaborate and provide embedded security features in the technology they use.
By Operational Technology we refer to those devices and tools that are purpose-built to perform monitoring and/or control functions in a larger automation apparatus. In a hospital scenario this includes many important technologies and medical devices used for the continuation of healthcare operations. A basic example of this is an insulin pump. For this reason, healthcare is considered a critical infrastructure in many countries, and protecting it from cyber threats is an extremely high priority.
OT and IT systems can vary drastically in both their vulnerability and their capacity to be upgraded and secured regularly, so OEMs and healthcare organizations will need to work together to identify key vulnerabilities in both singular-function and broader management devices, equipment and networks. There are no “one-size-fits-all” solutions when it comes to protecting both IT and OT technologies, so understanding the threats these technologies face is essential before adequate security measures can be implemented to suit both IT and OT security procedures.
What Are The Threats?
There are numerous types of cyber threats and attacks that unprotected OT systems could be vulnerable to. However, there are actions that can be taken and protocols that can be put in place to reduce this threat and secure both OT and IT systems. A secure OT system is considered safe, reliable and available for use, and the methods and technologies used to create such a system vary somewhat from traditional IT security software and patches. Some of the most important include the correct application of security systems and appropriate password and security-related procedures. Below are some examples of the most common cyber security challenges faced by operational technology systems, as well as a few measures to better set up, maintain, or protect them.
Open OT Systems: Because some OT systems are older than their more modern IT counterparts, many of these older technologies come with either less stringent or no built-in security software and connect directly to the internet, leaving them open to brute force attacks and probing. Implementing remote access solutions such as multi-factor authentication along with an enterprise-grade firewall should help to secure your connections and connected technologies.
Poor Security And Password Practices: In order to eliminate the risk of healthcare staff inadvertently opening the door to potential exploiters, staff need detailed and thorough training in the OT security challenges they may run into, the forms these attacks take, smart browsing, and how to report suspicious activity or credible threats efficiently. Simple things like using multiple strong passwords for sensitive technology really can make all the difference when attempting to build a safe and secure OT network.
Little Or No Security Updating: As mentioned before, many OT systems are older than their IT cousins and thus have less security built into them. Another issue is that, perhaps due to their singular-function nature, many operational technologies are left for long periods of time without adequate security updates, which can leave them exposed. Scheduling and managing downtime in order to keep security systems up-to-date can reduce the overall amount of downtime required due to regular maintenance and updates while also ensuring the latest security features are taken advantage of.
Insecure Wireless Encryption And Authentication: Over the past five years, the cost of radio equipment needed to launch attacks against wireless networks has plummeted, meaning that these sorts of attacks are becoming more common as the technology spreads. It is not terribly uncommon for wireless devices connected to OT networks to use poor or outdated security protocols, leaving themselves open to any potential threats. However, the implementation of wireless encryption protocols, multi-factor authentication between devices, and cryptographic algorithms can prevent hackers from gaining access to wireless networks.
As we’ve now seen, there are various ways in which hospitals and healthcare centers can take action and protect themselves against the threat of cyber attacks. By using some of the methods and technologies described above, healthcare organizations are able to better shield themselves from malicious online activity by implementing intelligent systems and software alongside training regimes to fully equip staff and senior managers with the equipment and know-how on how to keep operational technology networks and critical infrastructure safe and secure.
Protecting Critical Infrastructure Of The Future
Intelligent systems, connected devices and cyber threats all look set to feature heavily in our future critical infrastructure, so adapting to these challenges as quickly as possible, and increasing and innovating the ways in which healthcare and other industries deal with OT security threats, seems to be the best way forward. There is no doubt that the threats already being faced by industries that adopt these solutions will evolve and become ever more complex, and thus the need for solutions that can adapt and transform alongside these cyber hazards is already apparent. Further efforts will need to be made to educate employees on changing threats, as well as regular training to reinforce new and existing cyber security procedures. Any future operational technology or information technology will need to come with security systems ready to tackle not only the security hurdles being faced today but also those unknown at present, and able to change alongside their environment and adjust their workings to deal with specific threats as they become apparent.
Many of the more recent innovations in cyber security involve artificial intelligence (AI) and machine learning in order to predict threats before they materialize using learnt patterns of behavior available through the data collected by other connected devices and sensors. These systems, should they continue to be developed and improved, could give rise to even broader security systems that use AI and machine learning technologies to both protect and manage OT Security of existing and expanded systems autonomously. While such systems may still be pipe dreams, the technology that could lead to them exists today and is currently being developed in such a way that could produce systems that influence the initial blueprints of such an all-encompassing artificial intelligence system. Until that time, security administrators for critical infrastructure will need to rely upon existing technologies alongside human critical thinking and common sense.