Around the globe, digitization in the healthcare sector is being pushed forward. But the growing use of complex IT also harbors dangers: cyber attacks pose a real threat to hospitals and medical facilities. It is necessary for them to ensure the security of their IT infrastructure – and a clinic in Central Hessen shows how.
Control centers for emergency services, ambulances equipped with WLAN interfaces, telemedicine – unfortunately, all of these can be gateways for hackers. After all, the entire healthcare system is geared towards efficiently evaluating electronic data – from test results to medical histories and the recording of extensive data records. The problem: This data is vulnerable because systems can be hacked.
Cyber attacks in hospitals
The use of IT increases the complexity of modern lives, but also the vulnerability of healthcare systems: Cyber attacks are now a global issue, and the risk of an attack is not limited to a specific country or manufacturer. Hospitals, doctors’ offices and other health care facilities have become the target of digital attacks and even so-called ‘ransom attacks’ worldwide. “The more we advance in digitalisation, the more we network medical technology and IT, the higher the danger,” Sebastian Polag – managing director of the Giessen-based Agaplesion Evangelisches Krankenhaus Mittelhessen (Protestant Hospital of Central Hessen) – told the Ärzte Zeitung, a German newspaper for physicians and medical professionals.
For example, in April 2019, the United States Department of Homeland Security (DHS) warned against cyber attacks on pacemakers – these can also be a target for hackers.
And there have already been medical cyber attacks in Germany: The experience of the Lukas Hospital in Neuss has shown what serious consequences such an attack can have on hospital workflows. Trojan malware brought the entire hospital system to a standstill in 2016: The emergency room had to close, patients did not receive their medication and therapies, and operations had to be postponed. In the end, the fight against this malware cost around one million euros.
And the Hessen Ministry of Social Affairs and Integration alone has been notified of twelve attacks in the area since 2016, such as at the Wetterau Health Center, the Heiligen Geist Hospital in Frankfurt and the Hanau Clinic. The actual figures may even be higher, as not every attack is reported. In order to get the problem under control, Hessen’s Ministry of the Interior has created a cyber security unit to support the health facilities as a defensive measure.
What are the cyber risks?
Today’s medical cyber risks can be divided into three categories: interruptions to practice operations, threats to the security of electronic health records (EHR) and threats to patient safety. Sometimes ransomware hidden in emails can encrypt files, making them inaccessible, and so quickly disrupt a hospital’s IT network. Hackers could also gain access to patient data by exploiting loopholes in protection software and use it to blackmail patients.
Test attack on central Hessen hospital
Their defensive approach is working: In 2018, Berlin IT security company HiSolution carried out a test attack on the Agaplesion Evangelical Hospital in Giessen, central Hessen. This simulation was commissioned by the hospital itself – and the hospital passed the practical test with flying colors, thanks mainly to the security measures introduced after 2016. During this two-day simulation, HiSolution’s IT experts tried in vain to access the hospital’s internal IT system. After HiSolution was given official access through the disclosure of passwords, they were able to identify some weaknesses, which were then eliminated.
The test proves that it is possible for hospitals to fend off cyber attacks – but this requires appropriate security measures that every hospital must take beforehand. Only when every hospital is equipped with a good security system will cyber attacks no longer pose a threat.
It’s possible that the healthcare system could also learn from big business: In a representative cybersecurity study, the TÜV (Germany’s Technical Inspection Association) examined IT security in German companies. “In the survey, three out of four companies state that the importance of IT security has increased for them over the past five years,” said Dr. Michael Fübi, President of the TÜV Association, at the presentation of the “TÜV Cybersecurity Study.” Adds Fübi, “We now know that even the best protective measures are not enough to prevent cyber attacks.” Organizations must also focus on identifying and controlling successful cyber attacks as quickly as possible, explains Fübi: “Emergency drills as well as penetration tests and special software for the detection of attacks will help here.” Artificial intelligence (AI) is now also frequently used in attack detection systems. According to this study, one in eight companies already uses artificial intelligence for its own protection. The companies currently use AI primarily to detect malware or anomalies in data streams. Another application is modern authentication.