Healthcare industry failing on cybersecurity

(Image credit: Shutterstock/Wichy)

Healthcare institutions are still rocking that 10-year-old Windows 7 or Windows Server 2008, putting themselves at serious risk of cybersecurity breaches, data theft, ransomware and all other kinds of nasties.

This is according to a new report by Forescout, based on the analysis of 75 healthcare deployments with more than 10,000 virtual local area networks (VLANs) and 1.5 million devices contained within the Forescout Device Cloud.

To add insult to injury, the fact that 71 per cent of devices run on Windows 7 is not the only major issue – the diversity of device vendors also adds to the complexity and increases challenges.

Forty per cent of healthcare deployments had more than 20 different operating systems. Almost a third (30 per cent) of healthcare deployments had 100 or more device vendors on their network. In such an environment, patching becomes a challenge, too.

“Some healthcare devices cannot be patched, may require vendor approval or need manual implementation by remote maintenance personnel,” the report states.

Eighty-five per cent of devices on medical networks running Windows had the Server Message Block (SMB) protocol turned on, giving an attacker who has already breached the perimeter an easy path to move laterally between devices.

“Device manufacturers sometimes leave network ports open by default—often unbeknownst to IT and security staff,” the report adds.

“Our findings reveal that healthcare organisations have some of the most diverse and complex IT environments, which are compounded due to compliance risks,” said Elisa Costante, head of OT and Industrial Technology Innovation at Forescout.

“Every time a patch is applied, there is concern around voiding a warranty or impacting patient safety. These organisations are dealing with lifesaving devices and extremely sensitive environments.”
