Another Healthcare Hack: How Micro-Segmentation Could Have Helped

Healthcare-related data breaches and hacks are on track to become more dangerous than ever this year. Ransomware and malware are simply becoming more advanced and difficult to fight. Just the other week, radiation science and services giant Landauer was the latest victim of a cyber attack. “Cyber attackers infiltrated a data server operated by IT supplier Landauer, stealing a mix of names, dates of birth, radiation doses, and National Insurance numbers of staff who work with X-Rays.” (Danny Palmer, ZDNet) The hackers had compromised the server of Landauer, gaining access to the Velindre NHS Trust internal server and were able to steal the information of thousands of NHS medical professionals. Attacks like this are practically occurring on a weekly basis.
Security is now the topmost priority for most companies, especially in the healthcare industry. Since January, there have been more than 35 hacking-related incidents within healthcare companies that have affected 500 or more individuals. In total, more than 400,000 people have had their data stolen since January 1st of 2017. Fortunately, advanced technology approaches such as micro-segmentation can dramatically reduce the attack surface. Hackers might compromise one machine or VM but micro-segmentation can stop them from reaching any others. Once a hacker makes it through your firewall, without micro-segmentation he has free reign to jump around wherever he wants inside your data center or virtual environment. He can peruse your machines freely, stealing usernames, passwords, patient information, or financial data.
Consider the infamous Target breach from a few years ago: all it took was one simple phishing email for the hacker to gain access to Target’s internal portal via a third-party vendor. In comparison, this situation would have had an incredibly different ending had the company utilized micro-segmentation. The hacker would have been stopped and isolated at one machine, keeping the breach contained. As a policy, virtual and physical desktops shouldn’t be allowed to communicate with each other. Just like badges or IDs in any healthcare organization, your should have stringent security policies to control the traffic in your IT environment to allow only authorized users to access certain areas based on pre-determined credentials.
With the help of advanced micro-segmentation technologies—VMware NSX for example—hospitals can create security tags assigned to every virtual machine and associated specifically with that VM. They can create policies and assign those policies to those tags, preventing a hacker from gaining access to other areas. Even hospitals that have aging operating systems such as Microsoft 2003 or XP can leverage micro-segmentation in their existing infrastructure. In short, micro-segmentation is an extremely smart approach to ensuring that healthcare organizations can successfully protect sensitive patient data and organizational IP against the increasingly dangerous risk posed by modern security threats.
Talk to your account manager or email us to set up an SDN workshop
By Jake Cryan, Digital Marketing Specialist