CryptoniteNXT in the Media

Zero Trust Can Help You Lock Down Medical Devices

Health care networks have been under constant and continuous attack for the theft of medical records. Between 2009 and 2017 there were over 2,100 healthcare data breaches involving more than 500 records. Those breaches alone have resulted in the theft of 175 million healthcare records. Consider that number again: 175 million records is more than 50% of the population of the United States. Medical records are the prime targets, as this data is highly valued to support identity theft and financial fraud.

Of course, we know today that medical devices are prime targets within health care networks. Once a device is compromised, cyberattackers can use it as a “backdoor” into the network. This backdoor supports additional reconnaissance and ultimately the discovery and location of targeted medical data.

Medical devices are closed devices and do not support standard cybersecurity endpoint software. There is no visibility into the internal operations or state of these devices. To make matters worse, when a breach is linked to a medical device, the expense and time for restoration are considerable. Without network defense best practices in place, even remediated medical devices can be reinfected and compromised almost immediately as the same attacker tools propagate through the network again, perhaps emanating from an unremediated medical device elsewhere within the network.

The list of medical devices that cyberattackers can find to exploit is endless. As we’ve mentioned in our healthcare reports and white papers, the medical device targets can include CT scanners, MRI scanners, medical lasers, infusion pumps, heart-lung machines, dialysis machines, blood gas analyzers, and hundreds of other pieces of equipment commonly found within health care institution networks. Even portable X-ray machines can be compromised in the few moments when they are connected to the network, and, once compromised, they can continue to be a source of attacker tool propagation and compromise with each additional connection to the network. Of course, many medical devices are designed to be highly portable and hence are internet of things (IoT) enabled. This creates additional vulnerability and makes these devices harder to protect.

Zero Trust can help you lock down medical devices. A Zero Trust environment within your healthcare network may be constructed by combining cyber defense technologies such as moving target cyber defense (MTD) and network micro-segmentation. MTD shuts down the attacker’s visibility within the health care network. Micro-segmentation shuts down lateral east-west movement in the network through limitations enforced by policy and role. Cyberattackers cannot target health care servers or medical devices that they cannot see, and they cannot attack without a target. NIST has also been a strong supporter of micro-segmentation technologies for both healthcare and other networks.

The key principle of Zero Trust is to not allow any access to network resources, internal IP addresses, or servers within the healthcare organization until the identity of the user is properly authenticated and their access to the specific assets is authorized. Grant a user full access, but only to the bare minimum of resources they need to perform their job. Users that seek to go outside of the policy will be stopped from this unauthorized activity. Zero Trust makes the important assumption that the network and the resident medical devices could be compromised at any time and reduces network visibility accordingly to stop adversaries.

Zero Trust brings additional layers of defense to your existing defense-in-depth strategy to substantially harden your healthcare network. The Zero Trust ecosystem draws from a wide range of technologies and network defenses to better secure and harden standard TCP/IP networks. Absolutely nothing should be allowed network or resource access until it has proven that it should be trusted. The goal of this empowered healthcare cyber ecosystem is to authorize, validate, manage, and enforce the identity of the system and users throughout the network.

Zero Trust can bring the high levels of protection you need for your medical devices. Medical devices with inherent vulnerabilities, such as embedded processors, older operating systems, and missing patches and updates, will be protected by a Zero Trust deployment. A Zero Trust environment is the best way to protect your medical devices and stop attackers, ransomware, and insider threats that seek to exploit your internal networks.
