The Plague Sweeping Through Healthcare IT

Hospitals see patients with viral infections on a regular basis. Most of the time, however, doctors can only treat the symptoms of the virus, and not the virus itself – that’s a job for the patient’s immune system to handle.

Similar to biological viruses, computer viruses that infect medical devices often cannot be treated directly. Once a virus creeps into the hospital system, it’s up to the system itself to fight it off. Due to the outdated nature of many of these healthcare devices, these exploits or infections are often catastrophic – causing healthcare IT and clinical/bio-meds departments to lose millions of dollars annually and putting patient care in jeopardy.

Below, we have listed a few common questions we’ve heard from our customers about the plague that is currently sweeping through healthcare IT.

Why is this even happening?

Let’s say your credit card gets stolen. You can call your bank, request a new credit card, and get whatever loss you sustained refunded, all within the same day.

If your healthcare records are stolen, you can’t deal with it as easily. A person’s health record contains highly private and sensitive information that provides a lifetime of opportunity for target exploitation. Healthcare records are up to 10 times as valuable as credit card records, making them a juicy target for opportunistic hackers.

Why can’t we sit back and let it run its course?

Every single day there are press articles on how WannaCry devastated a hospital, or a new ransomware caused operational disruption resulted in hospital rerouting ambulances to the nearby hospitals. The symptoms of these viruses can result in the loss of millions to the healthcare industry, and be causing widespread confusion and slow down of processes in areas where quick thinking and careful treatment is necessary.

Why can’t we make our IT immune system stronger?

To bolster the “immune system” in hospital systems, IT professionals can upgrade and patch vulnerable systems and fend off the attacks and give these devices better protection. However, upgrading and patching are incredibly difficult.

Unlike the auto-upgrades you may see on your laptop, medical device upgrades require a lot more individual attention. Manufacturers have a hard time rolling out patches for millions of units in the field because medical devices are embedded systems with a multitude of software components with potential security vulnerabilities and also have to go through an usually long FDA approval process.

Bringing equipment back to its original operating condition and guaranteeing that it is ready for patient usage is an arduous, expensive, and time-consuming process that has no guarantee of actually working. Protecting precious medical devices is a never-ending race. They will always lag behind the computer industry for a good reason and be always vulnerable to hacking if left unattended.

Why can’t we go into full quarantine?

We live in a connected world where each and every device needs to record and report vital patient data to the healthcare management system without manual intervention. Hospitals rely on cloud-based offerings, from enhanced radiology services to thermostats that monitor and preserve medical specimens stored in freezers.

In addition, because of the high costs of equipment, many hospitals lease or rent on a regular basis. Even the people employed by a hospital are often hired contractually, and hospitals have countless visitors that cannot be screened.

With remote clinic or telemedicine-based delivery, and countless mergers and acquisitions, healthcare IT staff are always challenged to offer the best patient care.

The Vaccine or Preventive Cure:

The recommendation from the manufacturing community calls for

a) segregating network access (segmentation)

b) block internet connectivity

c) go back to standalone mode.

This is no different than what NIST recommends, or HIPAA imposes on hospitals.

We at Ordr are trying to help on all the recommendation here on this issue. We call our technology a “virtual-patch”. A virtual-patch provides compensating controls for the medical devices by simply programming the installed base of switches, routers, and wireless access points to

a) reduce the exposure of devices spreading malware inside the corporate IT networks

b) to control the type and amount of external traffic from/to this medical devices and

c) protect the precious medical devices in real time as soon as an issue arises.

Even better, as the word goes “prevention is better than cure” Ordr allows IT to put preemptive controls that prevent malware and ransomware gaining control of these medical devices.

It all starts with simple diligent everyday hygiene. Having accurate inventory and visibility on what is connecting to the network day in and day out is the key. Continuously monitoring for malware exposure or vulnerability exploits and apply preventive measures is an absolute must. Watching internet communication and restricting it to a narrow set is even more critical.

Please stop by our booth at HIMSS 2018 to get a demo of our product that could help you along this journey. Together, we can make a change in the current landscape, much desired and way overdue. Let us stop this hacking trend once and for all and we are excited to be part of this great mission.

Pandian Gnanaprakasam

Pandian has more than 20 years of product and engineering leadership experience and is also a serial entrepreneur. Before founding Ordr, he was the Chief Development Officer at Aruba, responsible for all of engineering and product management functions. Aruba, an enterprise mobile wireless company, was acquired by HPE for $3 Billion in March 2015. Before Aruba, Pandian served as the head of engineering for Cisco’s multi-billion-dollar Wi-Fi business unit and before that as VP of engineering for low-end switching product lines. He graduated with a master’s degree in Electrical Engineering from IIT, Chennai, India and holds several patents to his credit in various networking technologies.