The Healthcare Sector is Under Attack – It’s Time to Fight Back

By Archis Gore

The COVID-19 pandemic has dominated the news so far in 2020. Without a doubt, it’s the worst health crisis of our generation and it has many of us wishing we were back in the “good old days” of 2019.

All the chaos and disruption we’re going through is creating a huge opportunity for cybercriminals. The number of records exposed in data breaches in the first quarter of the year has skyrocketed to 8.4 billion. Nearly 1,800 new malicious COVID-19 themed internet domains are springing up daily, and millions of ransomware, malware, or phishing emails are flying around to trap the unwary or the curious.

In a particularly unpleasant twist, healthcare workers and organizations have become a specific target of these attacks. If you’re anything like me, it’s difficult not to become emotional about this horrifying state of affairs. It’s infuriating that cyber-criminals, cyber-terrorists, or other malevolent hackers – with no empathy or conscience – are seeking to profit from the current emergency. Even worse, they are trying to ambush the very people who are taking care of us.

Things have become so dire that the United States and UK governments have issued joint cyber warnings to alert healthcare and medical research organizations to these dangers.

Why Healthcare is an Easy Target

Sadly, the healthcare sector represents “low hanging fruit” from a hacker’s perspective.

Many organizations are still running on older hardware and archaic software builds, often unpatched for known security vulnerabilities. Right now, the situation is exacerbated by understaffed IT and security teams stretched to the limit coping with the increased demands being placed on them.

However, in some ways, healthcare is also a victim of its own success. That’s because technology is increasingly being utilized in truly innovative ways to improve patient care and treatments.

Here are just a few examples:

  • Edge computing, IoT, smart tech, and wearable devices are being used in hospitals or even at home for the continuous monitoring and treatment of patients with heart failure, diabetes, and other diseases.
  • Cloud-enabled smart apps are now being used to track the spread of the coronavirus. They are also used for monitoring the vital signs of seriously ill patients, for clinical trials, or a host of other trailblazing applications.
  • Advanced scanners, monitoring equipment, and end-point medical devices are delivering real-time patient data for medical staff in intensive care centers to improve diagnostics and outcomes when every second counts.
  • Research institutions are using high-performance computing (HPC) clusters in the data center or the cloud for advanced data analysis and pandemic modeling as a vital part of the current crisis response.
  • Patient medical records are rapidly shifting from paper charts to digitized electronic records ensuring critical information can be instantly available for faster decision making and treatment.

In short, modern medicine now relies on technology that encompasses everything from edge to core to cloud.

Unfortunately, the downside of all these advances is that the number of vulnerable end-points and the cybersecurity attack surface are also massively increased. As you can imagine, this is music to the ears of the bad actors seeking to exploit the situation.

Healthcare Protection from Edge to Core to Cloud

Whether you’re a senior IT decision-maker or an IT support professional in the healthcare sector, there are some big questions to address.

How can you mitigate the dangers and threats you are facing? How can you turn what the hackers view as a soft target into a fortress? How can you protect centralized and distributed systems, everything from edge to core to cloud?

It’s going to take more than simply relying on traditional firewalls and anti-virus software. What’s needed is a radically different approach that can be combined with existing measures to provide defense in depth.

That’s where ground-breaking solutions such as Polymorphing come into play. By using advanced compiler technologies, Polymorphing for Linux produces unique randomized instances of the operating system, effectively depriving hackers of the predictability they rely on to infiltrate IT systems.

That adds up to immunity from zero-day, code-execution, buffer overflow, and memory-based attacks, everywhere from embedded IoT or edge computing devices to containerized cloud native applications and virtualized or physical data center environments. It means that even unpatched systems are virtually impregnable to almost everything in the hacker’s arsenal. Even better, it’s a low touch, low maintenance, “fire-and-forget” approach that’s ideal when your IT staff are better employed supporting your operations elsewhere.

If you’d like to know more, why not register for the Polyverse sessions at SUSECONdigital’20 on May 20th? These online sessions are free to attend and you’ll hear Polyverse experts explain how to protect against zero-day cyberattacks, as well as how to secure your containerized and Kubernetes-based workloads.
