Threat actors are known to take advantage of every opportunity, and the largest vaccine deployment in history is no exception. Attackers find ways to target Covid-19 vaccine supply chain.
That’s what Troy Ament, Fortinet Field RSSI for Health, says, adding that health and cybersecurity must go hand in hand.
The healthcare sector has undergone several dramatic changes during the pandemic, including a shift towards offering large-scale telehealth services, setting up temporary and remote COVID-19 testing and vaccination sites, as well as as the development, manufacture and distribution of vaccines on a large scale.
During all of these changes, security teams were responsible for maintaining compliance in addition to cybersecurity. For many organizations, this meant reorganizing the security infrastructure to support remote users and stay ahead of the bad guys.
Ament says that while compliance requirements such as HIPAA have long been the primary drivers of healthcare cybersecurity strategies, other considerations are also taking over.
“The threat landscape, for example, has accelerated significantly during the pandemic and continues to become increasingly sophisticated. The integration of IOT, Industrial IOT and Medical Internet of Things (IOMT) is now fueling a convergence of OT and IT, ”he says.
It goes beyond connected medicine, telehealth, cloud migrations and the rise of remote working, all of which have contributed to the ever-growing attack surface, notes Ament.
Exploit vulnerabilities have multiplied along with the rise of remote working and, like many other industries, the healthcare industry has seen a significant increase in ransomware attacks, he says.
“Analysts with Black Book Research even plan to triple these attacks in this sector in 2021. Similarly, FortiGuard Labs research suggests that web browsers and IOT devices, in particular, will continue to be popular targets. “
The criminals have also targeted technology that makes it easier to deploy vaccines, such as scheduling platforms that include personal information. Attacks in this space lead not only to financial losses, but also to exposure of patient information.
According to Ament, a strong security posture is essential as networks become more complex and volatile. While CISOs cannot always control the actions of their suppliers’ suppliers, they are still responsible for security, including reviewing supply chain policies and protocols.
“The first step is to develop a supply chain risk management plan that identifies and lists risks throughout the system development lifecycle, including design, manufacture, production, distribution , acquisition, installation, operation, maintenance and decommissioning. For each risk identified, solutions must be developed and alternatives must be created for each link in the chain. “
Integrating networking and security strategies is crucial for healthcare security leaders, he adds. To address the growing security concerns associated with a massive increase in the use of IOMT devices, cloud services, and network demands, solutions such as SASE (Secure Access Service Edge) and SD-WAN are needed to enable integration and reduce complexity.
Hackers target vaccine deployment | ITWeb
Source link Hackers target vaccine deployment | ITWeb