Solving the Cybersecurity Gap in Healthcare IT Digital Transformation

The following is a guest article by Terry Young, Director, Service Provider Marketing at A10 Networks.

The COVID-19 pandemic intensified public awareness of their personal vulnerability when broadband service becomes unavailable or gets disrupted. This has also spurred massive government funding to close the broadband gap (the digital divide) and provide connectivity to unconnected or underserved communities.   

But there is another gap that needs more attention, the “cybersecurity gap”. That is, the growing chasm between capabilities of cybercriminals against the inexperience of unserved communities and the resources of regional internet service providers now charged with extending essential broadband connectivity. 

The pandemic has ignited a significant rise in cyberthreats of all types targeting the most vulnerable residents and the most critical community services. Moreover, the reality is that communities in rural areas are especially vulnerable to distributed denial of service (DDoS) attacks due to the lack of security infrastructure and the vulnerability of the scarce community resources, such as healthcare, favorite targets for cyber-attackers. DDoS attacks, in particular, can knock out Internet access through the biggest access pipe rendering the broadband investment useless. DDoS attackers are known for exploiting the weakest link – those neglected entry points, the outdated network equipment, the essential health service that a small community can’t afford to be out of service.  

Rural Communities are Especially Vulnerable

In the US, there are about 2,300 regional internet service providers (ISPs) registered with the FCC. These 2,300 organizations try to cover the 20% of the US population and 97% of the landmass that is considered “rural”, including all the small healthcare facilities that serve rural communities. These are the companies that have stepped up in the past to provide connectivity in service areas that larger companies thought were uneconomic and they have the primary responsibility for “bridging the digital divide” for the remaining 23-42M US locations that are the focus of government broadband funding.

For those regional ISPs this rising threat landscape is especially challenging. These smaller organizations are essentially being called into the front lines of the cyber battle, serving the edges of the connected society, but without the resources, capital, or expertise of their much larger tier 1 counterparts.

Each new connected user is a potential target for cybercriminals. Research has shown that underserved residents face higher than average risks of being victims of cyber-attacks due to lower usage of online services, less experience in network technology and lower knowledge of cybersecurity principals or of the online security landscape.

 DDoS Attacks Continue to Make Headlines

DDoS attacks, which are often combined with ransomware, have surged in the last couple years, and now comprise over half of all security incidents. Every year, the size, duration, and frequency of DDoS attacks increases. Verizon reports that 60% of all security incidents are denial of service attacks. The average attack costs $20-40,000 per hour, and terabit-scale DDoS attacks are on the rise.

But most DDoS attackers would rather stay out of the limelight, targeting smaller, less defended organizations. Over 90% of DDoS attacks are under 10 gbps and average only 115 mbps. These are the types of attacks that rural ISPs and communities should be concerned about.

Healthcare a Prime Target

In rural communities, the scarcity of alternative health care facilities, the precarious financial situation of many rural hospitals and lack of security resources makes them easy victims for cyber attackers. According to Guidehouse analysis, 82% of rural hospitals nationwide are considered highly essential to their communities and 25% are at a high risk of closing. In 2021, the healthcare industry set aside about 6% or less of its IT budget on cyber security – with two out of every five respondents reporting their cyber security budget remained similar or shrunk last year. 

A DDoS attack targeting a hospital can prevent patients from scheduling online appointments for doctor visits, vaccinations, and testing and to healthcare providers who need access to the network for emails, prescriptions, records, and information to provide proper patient care. During the COVID-19 pandemic, cybercriminals increasingly preyed on the healthcare sector as organizations and individuals shifted to remote work and depended heavily on availability of online services.

So, What To Do?

While the challenges of cyber security may seem daunting to regional ISPs, many of whom have only 1-2 people of their IT security staff, the industry is slowly recognizing the importance of including cybersecurity in their rural broadband build out strategies and providing more resources to assist (e.g., see Cybershare, ISAAC, and CISA).  

There are many actions that even the smallest ISP can take to thwart a good number of attack vectors.  The vast majority of cyber breaches utilize well known techniques and could have been prevented by simply doubling down on basic security hygiene. Simple actions like eliminating use of default passwords, and keeping security patches up to date.

Regarding DDoS protection, many regional ISPs have only basic DDOS mitigation – which is only able to blackhole the traffic when a DDoS attack occurs. While this prevents the network from going down, it really supports the attackers objectives, which is to put the target victim out of service. Given the advancements by the cybercriminal ecosystem, this is an area that deserves re-investment, including automated and more granular detection. Some service providers are teaming up to share DDoS investment costs and capabilities and others are offering DDOS protection as a service for their downstream customers. This helps offset the investment cost for higher levels of protection.

Higher Priority for Security

Overall, security investment must be placed at a higher priority within the various initiatives intended to bridge the digital divide and extend broadband to unserved/underserved communities. DDoS attacks impair or block service to those very communities the broadband funding is intended to help. Ransomware and other cyberthreats render the infrastructure or broadband access of critical hospital services unusable. Broadband access must not only be fast, but it must also be safe to truly advance digital transformation with the highest levels of protection.

About Terry Young

Terry Young is Director, Service Provider Marketing, at A10 Networks. She is responsible for developing programs and marketing materials that describe the business value of A10 solutions for mobile network operators and other service providers. Young has more than 20 years’ experience in the telecommunications industry, including at AT&T (mobile and fixed businesses), where she developed market strategy recommendations for new business initiatives for AT&T. As a principal analyst for a syndicated market research company early in the 3G technology introduction, her 3G/4G market analysis and forecasts were published by the UMTS Forum. Young previously held positions with several start-up mobile infrastructure and software vendors, including Infoblox and Palo Alto Networks. She has an MBA from Arizona State University. 

   

Categories