How Attackers Target Healthcare Organizations and Why ZTNA Is Critical to Stop Them

Over the last decade, healthcare has been one of the industries most targeted by hackers. This was recently validated by IBM’s annual Cost of a Data Breach report, conducted by the Ponemon Institute.

The report examined 524 organizations, from a wide range of industries and regions, that experienced a data breach between August 2019 and April 2020. Researchers interviewed over 3,200 individuals with knowledge of those incidents to determine the costs associated with discovering and responding to each breach.

The report indicates that the healthcare industry pays the highest price for data breaches, with costs reaching $7.13 million annually, as opposed to an average cost of $3.86 million across all sectors. It also shows that these numbers have increased 10.5% from the 2019 report, the highest increase out of all industries.

One of the primary reasons healthcare organizations are so susceptible to attacks is the vast number and variety of users that require access to hospital networks and resources. This creates a large attack surface for hackers to exploit, allowing them to gain access to hospital networks and wreak havoc.

Challenges of Maintaining a Healthcare System

Mapping the different types of users a healthcare organization has can be a challenge, as there is a wide variety of them:

  •  Employees and administrators of the healthcare organization
  •  Third-party users such as contractors and other healthcare organizations
  •  Connected devices like medical and IoT devices

Consider the need to grant each user the appropriate access and you’ll find even more challenges:

  1. Controlling and securing remote access to healthcare resources for external users – This requires supporting different types of users, such as employees and contractors. Access should only be provided once trust is established, and users should be kept off the network when accessing data. The system should also be able to support both VPN and non-VPN users, WFH (work from home) and BYOD users, and legacy applications.
  2. Controlling and securing access to healthcare organization resources for internal users – As with external users, internal users should be kept off the network when accessing data, and legacy applications should be supported. Additionally, MFA should be added to applications without MFA support.
  3. Controlling access between different network segments – The IT and OT networks should be segmented in order to separate the medical devices’ network from other networks and to prevent lateral movement between networks.
  4. Preventing malware propagation on file shares – It’s necessary to prevent malware from encrypting file shares to reduce the risk of ransomware attacks.
  5. Complying with regulations such as HIPAA

Safe-T’s ZoneZero Solution

Safe-T has developed a solution that can change the way healthcare organizations grant secure access to their services. ZoneZero is the first-ever Perimeter Access Orchestration platform, which provides central management of all secure access technologies and helps organizations achieve Zero Trust Network Access (ZTNA). The solution incorporates models such as:

  • ZoneZero SDP – a client-less ZTNA solution for non-VPN users
  • ZoneZero VPN – a ZTNA solution for VPN users, achieved by integrating with all VPN solutions
  • ZoneZero MFA – a ZTNA solution for internal users, achieved through built-in MFA and integration with third-party MFA and Identity Providers (IdP)
  • ZoneZero SFA – an SMB proxy for Windows file shares, converting SMB to HTTPS and adding MFA for file share access

Safe-T’s ZoneZero solution also allows healthcare organizations to support all access scenarios, including:

  • All user types – people (managed or unmanaged), applications, APIs, and connected medical devices
  • All user locations – external or internal
  • All application types – new or legacy
  • All application locations – cloud or on-premises

The solution provides all types of entities with secure, transparent, and controlled access to any internal applications, services, and data, including HTTP/S, SMTP, SFTP, SSH, APIs, RDP, SMB, and WebDAV.

Implementing Safe-T’s patented reverse-access (outbound) technology eliminates the need to open incoming ports in the organization’s firewall, enhancing the system’s security. The technology gives healthcare organizations the ability to logically segment their networks and prevent lateral movement between IT, OT, and medical device networks.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, points of sale, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum that includes Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Safe-T® Group Ltd.
Safe-T Group Ltd. (Nasdaq, TASE: SFET) is a provider of Zero Trust Access solutions which mitigate attacks on enterprises’ business-critical services and sensitive data, while ensuring uninterrupted business continuity. Safe-T’s cloud and on-premises solutions ensure that an organization’s access use cases, whether into the organization or from the organization out to the internet, are secured according to the “validate first, access later” philosophy of Zero Trust. This means that no one is trusted by default from inside or outside the network, and verification is required from everyone trying to gain access to resources on the network or in the cloud.

Safe-T’s wide range of access solutions reduces organizations’ attack surface and improves their ability to defend against modern cyberthreats. As an additional layer of security, our integrated business-grade global proxy cloud service enables smooth and efficient traffic flow, interruption-free service, unlimited concurrent connections, instant scaling and simple integration with our services.

With Safe-T’s patented reverse-access technology and proprietary routing technology, organizations of all sizes and types can secure their data, services and networks against internal and external threats.