Beyond these challenges, protocols for running secure systems remain challenging. The survey determined that “eighty-five percent of devices on medical networks running Windows OS had Server Block Messaging (SMB) protocol turned on, allowing uncontrolled access for attackers to get beyond the perimeter and move laterally,” noting that it is not all the hospital IT staff's fault. “Device manufacturers sometimes leave network ports open by default — often unbeknownst to IT and security staff,” according to Forescout.

The global attack in 2017 by the WannaCry ransomware was a recent, prime example of the exploitation of legacy systems. The malware struck over 300,000 computers worldwide, mostly running Windows 7, according to Kaspersky Labs via The Verge.

Albany Medical Center's vice president and chief information security officer Kristopher Kusche said about healthcare IT at an HIMSS 2018 presentation in the wake of WannaCry that, “because of our position and because of the way we have elaborated our infrastructure not to keep up with sectors like banking, we have become targets, accidental targets.” He added, “There’s not one federal agency that will say that health care was in the attack vector on these things. We weren’t in the plan. These things wouldn’t have targeted us, which kind of makes it a little more difficult because these things were random. Now, we have to protect against everything because we’re not the target, we’re not the target of this stuff. But where somebody finds a hole, they take advantage of it.”


Back to HCB News

Health IT Homepage