The COVID-19 pandemic has dominated the news so far in 2020. Without a doubt, it’s the worst health crisis of our generation and it has many of us wishing we were back in the “good old days” of 2019.
All the chaos and disruption we’re going through is creating a huge opportunity for cybercriminals. The number of records exposed in data breaches in the first quarter of the year has skyrocketed to 8.4 billion. Nearly 1,800 new malicious COVID-19 themed internet domains are springing up daily, and millions of ransomware, malware, or phishing emails are flying around to trap the unwary or the curious.
In a particularly unpleasant twist, healthcare workers and organizations have become a specific target of these attacks. If you’re anything like me, it’s difficult not to become emotional about this horrifying state of affairs. It’s infuriating that cyber-criminals, cyber-terrorists, or other malevolent hackers – with no empathy or conscience – are seeking to profit from the current emergency. Even worse, they are trying to ambush the very people who are taking care of us.
Things have become so dire that the United States and UK governments have issued joint cyber warnings to alert healthcare and medical research organizations to these dangers.
Sadly, the healthcare sector represents “low hanging fruit” from a hacker’s perspective.
Many organizations are still running on older hardware and archaic software builds, often unpatched for known security vulnerabilities. Right now, the situation is exacerbated by understaffed IT and security teams stretched to the limit coping with the increased demands being placed on them.
However, in some ways, healthcare is also a victim of its own success. That’s because technology is increasingly being utilized in truly innovative ways to improve patient care and treatments.
Here are just a few examples:
In short, modern medicine now relies on technology that encompasses everything from edge to core to cloud.
Unfortunately, the downside of all these advances is that the number of vulnerable end-points and the cybersecurity attack surface are also massively increased. As you can imagine, this is music to the ears of the bad actors seeking to exploit the situation.
Whether you’re a senior IT decision-maker or an IT support professional in the healthcare sector, there are some big questions to address.
How can you mitigate the dangers and threats you are facing? How can you turn what the hackers view as a soft target into a fortress? How can you protect centralized and distributed systems; everything from edge to core to cloud?
It’s going to take more than simply relying on traditional firewalls and anti-virus software. What’s needed is a radically different approach that can be combined with existing measures to provide defense in depth.
That’s where ground-breaking solutions such as Polymorphing come into play. By using advanced compiler technologies, Polymorphing for Linux produces unique randomized instances of the operating system, effectively depriving hackers of the predictability they rely on to infiltrate IT systems.
That adds up to immunity from zero-day, code-execution, buffer overflow, and memory-based attacks. Everywhere from embedded IoT or edge computing devices, to containerized cloud native applications and also virtualized or physical data center environments. It means that even unpatched systems are virtually impregnable to almost everything in the hacker’s arsenal. Even better, it’s a low touch, low maintenance, “fire-and-forget approach that’s ideal when your IT staff are better employed supporting your operations elsewhere.
If you’d like to know more, why not register for the Polyverse sessions at SUSECONdigital’20 on May 20th. These online sessions are free to attend and you’ll hear Polyverse experts explain how to protect against zero-day cyberattacks, as well as how to secure your containerized and Kubernetes-based workloads.