Name: Active Attacks on Healthcare: Examples, Protections and Lessons Learned
Start: 2023-03-14T16:00:00Z
End: 2023-03-14T16:00:57.000Z
Location: BrightTALK
Rating: 4.8

Healthcare is Cynerio's only business and our mission is simple: protect healthcare's weakest link to ensure patient safety, data confidentiality, and service availability. Our full-suite Healthcare IoT cybersecurity platform automates end-to-end, continuous asset discovery for every connected medical, IoT device, and OT system in the clinical ecosystem. We view cybersecurity as a standard part of patient care and cover every threat vector with proactive and preemptive attack prevention tools, automated risk reduction, threat mitigation, and step-by-step remediation programs built on the NIST Zero Trust framework to get healthcare facilities secure fast.

For over a decade the majority of cybersecurity efforts in healthcare have been focused on protection of patient data. Despite these efforts, the notable number of data breaches, ransomware attacks and resulting fines have left many compliance officers searching for improved guidance and insight.
Join the Cynerio research team as they discuss common blind spots in Compliance Officer playbooks, show use cases seen in typical hospitals, and provide guidance on immediate actions that will extend insight and compliance coverage. From identifying and securing exposed PAC servers to stopping the spread of cyberattacks across vulnerable medical devices, this session will clarify the risk landscape and discuss solutions used to address these challenges by leading healthcare facilities.
Join the Cynerio research team as they share:
-How compliance officers can partner with cybersecurity teams to identify exposed patient ePHI
-Three simple questions that will provide more insight to how patient data is protected
-Common healthcare integration landscapes and how they put thousands of patient records at risk
-Examples of common points of exposure missed by compliance and IT teams, from white boards to newborn monitors

Compliance Challenges in Healthcare: Addressing Exposed ePHI and Medical Devices

Since 2020 the number of cyberattacks on healthcare environments has grown at an alarming rate, but the collective impact, frequency and resulting damage have gone largely undocumented. Informed by several recent studies, the August 2022 release of “The Insecurity of Connected Devices in Healthcare” has significantly clarified the cyberattack landscape. From financial impact to compromised patient care, the report represents a collective voice of healthcare leaders from 517 hospitals across the United States. Among the findings: 
-76% of healthcare ransomware victims have been attacked three or more times
-47% of healthcare organizations hit by ransomware paid the ransom
-88% of attacks involve IoT / IoMT devices
-43% of hospitals have suffered a data breach in the last two years
-And tragically, 24% of attacked hospitals note a rise in mortality rates following a cyber attack
These numbers are further backed by real-life stories that paint the clear risks - vulnerable PACS servers exposing millions of records, hijacked hospital robots with privileged physical access controlled from afar, and new hospital environments infected with malware before the first patient is even admitted.
 
Join Cynerio team members as they discuss key findings from the report, the wide ranging impact on hospitals and their patients, and clear actions that can be taken by hospital staff, leadership, policy makers and others within the healthcare community.

The Healthcare Cyberattack Landscape Presented by Cynerio, a H-ISAC Navigator

The recent Insecurity of Connected Devices in Healthcare 2022 report provided more insight to cyberattacks faced by hospitals than ever before. From better documenting the breadth and frequency of attacks, to the lack of ownership within healthcare environments, the data makes clear why cybercriminals are so focused on hospitals. To better protect environments and the patients within them, new approaches, mindsets and technologies must be rapidly adopted and optimized. Join team members from Cynerio, AWS, First Health Advisory and Nuvolo as we discuss healthcare cybersecurity innovations and improvements. From first-hand attack examples to surprising new approaches, these technology leaders will provide a glimpse into the future of cybersecurity protections for patients.

Innovator Roundtable: Addressing IoT/IoMT Insecurity in Healthcare

The recent release of "The Insecurity of Connected Devices 2022" by Ponemon Institute and Cynerio has shed new light on the widespread cyberattacks that hospitals routinely experience. Join Larry Ponemon, Chairman and Founder of the Ponemon Institute and Leon Lerman, CEO and Co-Founder of Cynerio as they discuss trends ranging from repeat attacks, frequency and costs of ransom payments and impact on patient care.

The Insecurity of Connected Devices 2022

The continuous rise of ransomware attacks in healthcare environments has highlighted the need for hospitals to take full control of securing the devices treating patients. Unfortunately, nearly every effort uncovers a new set of unexpected challenges including numerous unsupported devices, limited resources, hard to find expertise and attackers that are more advanced than the protections trying to stop them. Join the Cynergistek and Cynerio teams as they share their healthcare experience in an effort to help others adopt medical device security practices more efficiently. During the session both teams will discuss ways to identify active attacks, cut down on the noise found in many tools, provide teams with the expertise they need, and ultimately focus security efforts on the top threats with the proper urgency.

Exploring Day-to-Day Challenges in Medical Device Security

On April 12th a set of five vulnerabilities impacting Aethon TUG healthcare robots were disclosed by Cynerio. These vulnerabilities allowed researchers to remotely execute a wide range of attacks including accessing restricted areas, controlling elevators, interacting with patients, dispensing incorrect medications, and many more. This session will provide a deep dive into the findings, discuss how healthcare organizations can protect against them, and cover proactive steps to protect against similar findings in the future. We will also discuss the broader trends related to IoT adoption in healthcare and how organizations are balancing the associated risks and benefits of modern technologies.

What Hijacked Robots Tell Us About IoT Risks in Healthcare

Healthcare providers have long searched for ways to create resilient systems that prioritize patient care. In recent years this focus has shifted to the modern devices that provide increasingly effective treatments but also introduce cyber risk. IoT devices and their underlying infrastructure have proven to be highly vulnerable to a combination of cyber attacks and zero day vulnerabilities that are unpatchable and easily exploited. The challenges are further exacerbated by natural and human-made disasters that impact every aspect of care in a time of emergency. To combat these challenges hospitals must further improve the resilience of their environments from the underlying core infrastructure to the thousands of devices providing life saving and sustaining treatment to patients. Join Hector Rodriguez and Chad Holmes as they discuss how AWS is providing the core components of resilient healthcare infrastructure while also fueling innovative approaches to device security and patient protection.

Improving Medical Device Resilience with AWS + Cynerio

JekyllBot:5 and the Scary Realities of IoMT Security

Healthcare providers face a constant threat of cyber attacks with impacts ranging from short-term outages to months of compromised care and lost revenue. In many cases, the weaknesses leading to these attacks exist in compromised medical devices. Unfortunately, traditional approaches of identifying, updating and securing thousands of devices have failed to scale at the same rate of attacks. The result - hundreds of annual incidents resulting in tens of millions of dollars in recovery costs and immeasurable impacts on patient health.
To address these issues, hospitals must partner with technologists to better identify, address and protect their environments. Join MarinHealth as they discuss their experiences in handling an active attack, partnering with Cynerio to address the risk, and ultimately driving innovation in medical device security based on the experience.

MarinHealth Round Table: Attack Identification and Cybersecurity Innovation

In a few days, Cynerio will be releasing a "State of Medical Device Security" 2022 Data Report. During this webinar, we will provide proprietary data from our own research regarding vulnerabilities found in healthcare devices. From the devices most likely to be impacted by unpatched critical vulnerabilities to those introducing bedside risk, Cynerio’s analysis has exposed the deeper context needed by healthcare providers as they battle increasing cyber-attacks. Join Cynerio’s team as we discuss the study’s findings, practical approaches to addressing the risks, and what teams can do today to protect themselves from common attacks like ransomware.

Data Report Roundtable: State of Medical Device Security

Recently discovered Log4j vulnerabilities have lead to frantic efforts to patch and update systems throughout the world. Among the industries most in need of guidance are healthcare facilities who need to protect patients, ensure continuity of service and avoid medical record exposure. Join Cynerio's research team as we recap the Log4j vulnerabilities, discuss the elevated risks faced by healthcare providers, share real-life exploitation examples, and provide clear guidance on how to address these and similar issues in the future.

Log4j Roundtable: Understanding Threat to Healthcare Organizations

Small hospitals account for over 85% of facilities in the United States. Not surprisingly, recent cyber attacks have targeted these hospitals at a similar rate, with ransomware having a particularly devastating financial and medical impact. These challenges are fueled by a combination of rapidly evolving attack patterns and difficulties in finding, training, and retaining staff to provide cyber security protection. Join the Cynerio team as we share experiences from our customers, provide guidance on how to address these issues, and suggest technical approaches to better defend medical devices from cyber attacks.

Rapidly Securing Medical Devices in Small Hospitals

Small hospitals have seen ransomware attacks increase by nearly 600% since the beginning of 2020. Despite this dramatic rise, news coverage of healthcare attacks is often limited and focuses on more visible breaches like that on Colonial Pipeline. Join the Cynerio team as we explore the ransomware landscape in healthcare, discuss how it impacts facilities of all sizes, and learn about the costs associated with these attacks.

Exploring the Ransomware Landscape in Healthcare

For decades patient care has seen improvements resulting in the data, insight, and timeliness provided by connected devices. As the number of these devices has grown, so have the number of threats, vulnerabilities, and entryways for bad actors within healthcare networks. 

In this presentation, we will discuss the landscape of Medical IoT, IoT, and other connected devices in a typical healthcare facility. We will then dive deeper into the technical risks they expose, dissect several recently documented vulnerabilities, address how to handle unpatchable devices, and provide options for addressing these risks.

How Old Devices Haunt Modern Healthcare

Cyber attacks on healthcare facilities have more than doubled since the beginning of the COVID-19 pandemic. Despite the rapid rise in these attacks, news coverage is often limited with a focus on more visible breaches like that on Colonial Pipeline. Watch this short video where we compare and contrast several recent ransomware attacks, identify why healthcare breaches receive limited attention and explain how the real impact is nearly twenty times greater than that on other industries.

Cynerio Rapid Recap: Dissecting the Healthcare Ransomware Landscape

In the last three years the approaches to attack healthcare have evolved from basic data encryption to causing long term disruptions and repeated attacks. Join the Cynerio team for a Rapid Recap of recent evolutions and how your team can increase protections against these evolutions.

Cynerio Rapid Recap: The Business Evolution of Hacking Healthcare

In recent years healthcare environments have become a prime target for cybercriminals due to underfunding, lack of expertise and lagging cybersecurity practices. Recent studies including The Insecurity of Connected Devices in Healthcare 2022 have clarified the threat landscape, with far higher levels of attacks, repeat attacks, ransomware payments and adverse patient outcomes than previously thought. Join healthcare cybersecurity and hospital leaders they discuss recent studies, share first-hand experiences, and most importantly, share techniques and technologies being used to reduce the impacts of cyberattacks. These will include:
-Details about the most common attacks on healthcare from Ransomware to RATs
-Examples of attacks on devices ranging from Stress Level Treadmills to Microbial Detection Units
-Modern techniques are being used to identify attacks in minutes and completely address them in hours

Active Attacks on Healthcare: Examples, Protections and Lessons Learned

Health IT

IoT Security

Ransomware

Cyber Attacks

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Healthcare

Get powerful emerging technology insights from influential experts. Connect with thought leaders and colleagues to get the most up-to-date knowledge on technologies like 3D printing, pervasive robotics, natural interfaces, connected everything and cognitive systems.

Emerging Technologies

The research and development community on BrightTALK brings together leading professionals in healthcare, technology and manufacturing to present on current topics in their fields. From big data in healthcare to online forensics training and medical research practices, the community is an exceptional resource for those looking to expand their knowledge. Be part of the conversation by joining the community and participating in interactive live webinars.

Active Attacks on Healthcare: Examples, Protections and Lessons Learned

Presented by

About this talk

More from this channel