BACKGROUND:
Elekta, a Swedish service provider of advanced radiation treatment software, has confirmed a security breach of their software for linear accelerators used in radiation therapy. The breach is reported to have resulted in service outages 42 US hospitals and care centers. A cybersecurity expert with Byos offers comments in response.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
<p>Here again we see the healthcare market being targeted by cybercriminals. In this case it\’s a supply chain attack via a third party application, Elekta. It\’s so devastating when people\’s lives and medical treatments are at risk due to ineffective or outdated cybersecurity measures.</p> <p> </p> <p>As always, organizations are only as secure as the weakest link in their supply chain. Malicious actors will look for any way in and will always take the easiest path. The best defense is a proactive offense. If your third party vendors can’t maintain adequate security protocols then you will have to put in place proactive measures such as behavior-based security analytics which can detect these sorts of unknown threats in real-time. Saving lives is of utmost priority.</p>
<p>This attack demonstrates the need to rethink how medical equipment and devices can be secured online using zero trust principles. Healthcare Delivery Organizations rely on a universe of OEMs and 3rd party integrators to manage, patch, update, monitor and troubleshoot some of the most critical and sensitive software, medical equipment and devices.</p> <p> </p> <p>Flat networks, or networks with minimal segmentation will continue to experience these kinds of widespread-impact incidents. Undergoing a full zero trust implementation can take time, but a simple and achievable first step would be to apply the principles of \"micro-segmentation\" to minimize the risk of lateral movement and mitigate the impact of breaches from supply chain attacks. When networks are micro-segmented, IT has more visibility and control over the traffic flows and can isolate and remediate endpoints at the time of attack, while ensuring the rest of the network is protected.</p>