Promoting healthcare system's cybersecurity

May 19, 2023 | 10:41
(0) user say
Cyberattacks pose a threat to the healthcare industry by leaking patient data and disrupting essential services. Huong Le, country manager of Exclusive Networks Vietnam, spoke with VIR's Thanh Van about how to improve cybersecurity in the healthcare system.
Promoting healthcare system's cybersecurity

What are the vulnerabilities in the healthcare systems in Vietnam and Southeast Asia?

In Vietnam's healthcare sector, and Southeast Asia's in general, cybersecurity is an area that requires attention to ensure the safety and privacy of patient data and the smooth operation of medical facilities. One of the main weaknesses in this area is the potential risk of cyberattacks on Internet of Medical Things (IoMT) devices, which can compromise sensitive patient information and disrupt essential services.

Another issue is the susceptibility of healthcare organisations to ransomware attacks and phishing schemes. Along with the aforementioned problems, these attacks can also lead to financial losses for the targeted institutions.

The potential for human error can be another factor in cybersecurity incidents. Addressing these vulnerabilities and implementing robust cybersecurity measures can help protect the healthcare sector in Vietnam from cyber threats, maintain patient privacy, and ensure the continuity of essential medical services.

What are the methods hackers can use to breach databases?

Hackers use a variety of techniques to breach databases, and these are continually evolving. One of the most common methods is phishing. This involves tricking users into providing login credentials or other sensitive information through emails or messages that appear to be from a legitimate source. Once the hacker has obtained the login credentials, they can use them to gain access to the database.

Another common method is SQL injection, which involves inserting malicious code into a website or application that uses a database. This code can then be used to manipulate or extract data. Malware is also commonly used to gain unauthorised access, including viruses, trojans, and other types of malicious software.

Social engineering is another way that hackers gain access to databases. This involves manipulating people into giving up sensitive information, such as login credentials. This can include methods such as pretexting, where the hacker pretends to be someone else to gain the information they require.

Brute force attacks are also commonly used to breach databases, where hackers guess login credentials repeatedly until the correct combination is found. This method can be time-consuming, but it can be very effective if the login credentials are weak.

Finally, vulnerabilities in both hardware and software can be exploited to gain the required access, which can include using known exploits or discovering new areas of weakness through research and testing.

What signs should healthcare professionals look out for?

There are several key indicators that may suggest a cybersecurity breach or attack is occurring. Firstly, unusual network activity should be closely monitored. This may include large amounts of data being transferred outside of normal business hours or from unusual locations. Any unusual traffic or activity on the network should be thoroughly investigated.

Phishing emails are another common sign of potential cyber threats. Cybercriminals often use these to gain access to sensitive information. It is important to be vigilant for emails that ask for this type of information, contain suspicious links or attachments, or have grammatical or formatting errors.

Malware is also a significant threat that should not be overlooked. Signs of malware may include unusual pop-ups, slow system performance, or unexplained changes to system settings.

Unauthorised access is another key indicator of a potential cybersecurity breach. It is important to monitor user activity and watch for any unauthorised access to sensitive information or systems.

Weak passwords are a factor that can be easily exploited by cybercriminals. Ensuring that all user passwords are strong and regularly updated, and that two-factor authentication is in place wherever possible, can help mitigate this risk.

Unsecured devices, including personal devices used by staff members, can also pose a threat to cybersecurity. It is important to ensure that all devices on the network are secure.

Finally, keeping all software and operating systems up-to-date with the latest security patches and updates is essential to avoid vulnerabilities.

How can the healthcare sector protect itself?

To protect the healthcare industry, there are several key steps that can be taken. It is crucial to be selective when choosing IoMT devices. Ensuring that these devices have robust security features can greatly reduce the risk of cyberattacks.

Next, implementing access controls is essential. By restricting access to medical devices and patient data to authorised personnel only, we can minimise the potential for unauthorised access and data breaches. It is also important to quickly discover and assess every device on the network, segmenting and enforcing privilege access to protect against both known and unknown threats.

Additionally, simplifying operations and streamlining cybersecurity protocols can help healthcare organisations maintain strong security. This involves regularly updating software, monitoring the network for weak spots, and having a clear incident response plan in place.

Addressing human error is another vital aspect. By mandating regular training and implementing ongoing tests of understanding for all staff, we can ensure that everyone involved in the healthcare industry is well-equipped to handle potential cyber threats.

Ultimately, a combination of technological and human-focused measures will be necessary to help safeguard the healthcare industry from cyber risks.

What are some professional cybersecurity solutions that can improve the security of healthcare systems?

There are many professional cybersecurity solutions that can be utilised to improve security. One such solution is the deployment of next-generation firewalls, which can provide advanced threat protection and granular control over network traffic.

Another solution is the use of intrusion detection and prevention systems, which can help healthcare organisations detect and respond to security incidents in real time, minimising the potential damage from any attacks.

Additionally, security information and event management solutions can help to monitor networks and detect suspicious activity. These tools can also provide detailed analysis and reporting, which can be used to identify patterns and trends in network traffic that may indicate potential threats.

An equally critical area of cybersecurity for health systems is endpoint protection. Traditional antivirus software is often not sufficient to protect against advanced threats, but endpoint detection and response (EDR) solutions can provide more comprehensive protection against malware and other attacks. For example, EDR solutions that are specifically designed for operational technology (OT) environments, such as those found in healthcare facilities, can help detect and respond to threats to medical devices and other critical infrastructure.

Some professional solutions that cater to healthcare institutions include cybersecurity (Palo Alto Networks), identity security (Okta), EDR (SentinelOne), OT Security (Claroty), network AI (Juniper/Mist), and security training (ThriveDX) to minimise human error.

By investing in these solutions, healthcare providers can better protect their networks, devices, and patient data, ensuring that they can confidently continue to provide high-quality care to their patients.

How cybersecurity clarity can be provided through fresh decree How cybersecurity clarity can be provided through fresh decree

On August 15, the Vietnamese government issued Decree No.53/2022/ND-CP to guide certain articles of the Law on Cybersecurity. Among other things, Decree 53 provides important guidance and clarification on the government’s power to apply certain cybersecurity measures, and on the ‘data localisation’ and ‘mandatory physical establishment’ requirements introduced by the law.

Cybersecurity legislation’s upgrade Cybersecurity legislation’s upgrade

The issuance of a new decree is deemed an important piece to complete the puzzle in terms of data protection in Vietnam. Dang The Duc and Thai Gia Han from Indochine Counsel point out the major highlights while also noting where some confusion or overlap may remain.

Revenue from cybersecurity sector up 33 pc in Q1 Revenue from cybersecurity sector up 33 pc in Q1

The Ministry of Information and Communications (MIC) recently reported positive results for the cybersecurity sector in the first quarter of 2023.

By Thanh Van

What the stars mean:

★ Poor ★ ★ Promising ★★★ Good ★★★★ Very good ★★★★★ Exceptional