By Leon Lerman / Special to Healthcare Facilities Today

As if the logistical mayhem springing out of the COVID-19 crisis weren’t enough, cyber attacks against hospitals are skyrocketing right now.

Since March 2020, hackers have launched attacks against the HHS in the US, have blasted a ton of ransomware and phishing attacks, impersonated the WHO, and completely shut down a COVID-19 testing facility in the Czech Republic. 

As John Riggi, the American Hospital Association’s (AHA) senior adviser for cybersecurity and risk, put it: “Worst-case scenario, life-saving medical devices may be rendered inoperable.” 

Device distancing: Steering clear of network infections

Cyber infections spread a lot like biological ones. Where biological viruses like COVID-19 or the common cold spread from person to person, cyber infections can spread from one connected medical device to another. 

Cyber attacks can target life-saving devices used to treat critical COVID-19 patients like IV pumps and ventilators. They can also target diagnostic lab equipment like IVD (in vitro diagnostics) devices.

Here's how it could happen:

• Jack, an IT specialist at your hospital, opens a PDF they received via email at their workstation. The PDF contains malware.
• When Jack opens the file, the malware spreads to a nurse’s station, which is on the same subnet as IoMT devices in the COVID-19 quarantine ward. 
• Once the malware is in the subnet, it can spread to any IoMT device on that subnet, including ventilators, patient monitors, infusion pumps, and more. 
• The malware shuts down devices, threatening the lives of every patient that depends on them.

If even one connected device at your hospital gets infected, it could spread and force a hospital-wide shutdown. Obviously, this isn’t an option.

Just like the best way to limit the spread of disease among people is to practice social distancing, the best way to protect your clinical network and medical devices is to separate  them from each other. This separation is called segmentation.

Think of healthcare network segmentation as social distancing for medical devices. 

Segmenting clinical networks safely

Segmenting clinical networks to prevent the spread of infection is more complicated than social distancing is for people. Hospital segmentation policies have to account for dynamic medical environments, plus the risks of cutting off certain device communications:

• Devices are being connected and disconnected to the network everyday. This makes sense, since devices are used by medical staff to treat patients, and patient safety and privacy is a hospital’s number one priority.
• If a device is vulnerable to known threats or showing suspicious communications patterns, it can’t be automatically disconnected from the network. Other devices might rely on it to function normally, and patients rely on those devices to stay alive. The infected device might have to talk to an external server, like its vendor, to function normally. 

If you want to segment your clinical network safely, all of this has to be taken into account. The best way to do this is by using a healthcare IoT cybersecurity solution.

Safety First: Healthcare-Specific IoT Cybersecurity Solutions

Safely segmenting clinical networks depends on getting a clear picture of your clinical network. Cybersecurity solutions developed specially for health care come with tools that give hospitals a bird’s-eye view into device communications, plus insights into IoMT devices that traditional IT technologies don’t:

• What does the device do?
• What kind of impact would taking it offline have on medical services?
• Does it need to connect to external servers or other devices on the network to operate normally?
• Does the device have any known vulnerabilities and can they be patched?

Healthcare IoT security tools give hospitals a picture of medical devices’ internal and external communications instantly, even if they’re being migrated to different servers, plus a profile of devices’ risk impact within your hospital’s unique clinical environment.

Safe segmentation policies can’t be built without these insights. And without segmentation, hospitals are just as vulnerable to cyber attacks as people are to pathogens. 

Now, with cyber attacks spiking in the midst of the COVID-19 Coronavirus pandemic, it’s more important than ever to protect ourselves by practicing social distancing and to protect our hospitals with safe segmentation policies.

To learn more about safely and effectively combating cyber attacks on hospitals during pandemics or on any regular day, read Cynerio's white paper, Network Segmentation for Hospitals: Challenges and Technology Solutions. 

Leon Lerman is the CEO and Co-founder, of Cynerio

Read Part One.