When it comes to security in any sector, prevention is better than cure. DOROS HADJIZENONOS, Country Manager of Check Point, discusses the latest threats to the healthcare industry and how the industry can increase its protection against cyber-attacks.
The healthcare industry, arguably one of the most technologically advanced considering the gadgets and devices now used to monitor health statistics and perform medical procedures, is ironically among the most ‘unhealthy’ when it comes to network security.
Delegates attending the recent Healthcare Innovation Summit were told that medical records are being increasingly targeted by cybercriminals – data from the US showed that 89% of healthcare institutions suffered a security breach and were twice more likely to be targeted than other organisations.
Healthcare record theft increased a shocking 1100% this year with more than 100 million records compromised worldwide. The biggest threat, says KPMG, comes from external attackers – at 65% – while malware tops the list of information security concerns.
But why is an industry with the technological ability to perform surgery on patients in other countries so sick when it comes to protecting information?
The answer is multi-faceted:
- Valuable data. Data collected and stored by hospitals and other organisations, such as medical aid schemes, is up to ten times more valuable to cybercriminals than credit card information. This is due to the sheer volume of information gathered about individuals – and the fact that we’re seeing an increased shift to digital medical records – which makes it easy to commit fraud and identity theft. Given the value of this data on the black market, cyber-attacks are becoming ever more sophisticated in their attempts to hack healthcare institutions.
- Ageing infrastructure. Hospitals are melting pots of outdated infrastructure, old operating systems and state-of-the-art medical technology, all communicating over the same networks. Often, hospitals take an ‘if it’s not broken, don’t fix it’ approach to technology, so devices may not be patched with the latest software versions, for example. The problem, however, is that the system is very much broken. KPMG found that, in terms of technical capabilities, the healthcare industry is behind other industries when it comes to protecting infrastructure and information.
- Complex networks. The fact that so many different people, devices and departments need to access a medical institution’s records forces them to adopt open networks. Add to this the increasing number of Internet of Things and the myriad Internet-connected gadgets connecting to the network and it becomes difficult to secure and even more vulnerable to attack.
- No budget. Security spending in the healthcare industry is at times as little as one-tenth of what other industries spend. When it comes to technology spending, a new MRI machine will likely win the budget lottery over security software.
- Easy targets. Ransomware is one of the biggest methods used by cybercriminals to gain access to medical data. This involves ‘kidnapping’ the data and only releasing it once the hospital pays a ransom. Because medical organisations are generally dealing with crises, they need urgent access to their data and are more willing to pay the ransom to get back up and running as quickly as possible. Cybercriminals know this and are exploiting it.
- Lack of understanding and awareness. Although medical institutions are becoming more technologically centric, that’s not to say they’re focusing on technology and there’s a lack of understanding of what’s going on when it comes to cyber security. There needs to be an increased understanding of how to defend against attacks like ransomware, coupled with a bigger focus on educating staff and users on how to spot phishing attacks – people are, after all, the weakest link in the security chain.
Prevention is better than cure
It sounds clichéd but, when it comes to security in any sector, prevention certainly is better than cure.
In order to gain a holistic overview of the network, technology managers need to design the infrastructure from the bottom up, starting with the physical layer, comprising devices and other hardware, and working up to the application layer. This multi-layered approach to security gives IT managers more visibility into the network so that they can see what data is coming into and leaving the network and can implement controls as required. For example, sensitive patient information can be encrypted as it traverses the network between devices, while less sensitive information, such as that collected by fitness devices, can be subject to less stringent protection measures.
Education of staff members is also critical. They need to be able to identify hacks such as spear phishing and ransomware attempts so that they know not to click on malicious links and to alert the IT department to such attempts. There also needs to be a general increase in awareness within the healthcare sector of the various methods used by cybercriminals to gain access to medical data. In many cases, medical institutions do not even know that they’ve been infiltrated purely because they don’t know the warning signs. They need to take a more proactive approach to network security and understand how to prevent certain attacks.
Security should not be reactive and should not be done just because organisations want to comply with legislation such as the Protection of Personal Information (POPI) Act. But unfortunately, this is the case in the healthcare industry and it’s the reason why they are always one step behind the attackers. Rather, security should be about prevention and the desire to ensure the integrity of sensitive information.
Huawei Mate 20 Pro matches camera benchmark record
A benchmark by DxOMark sees the triple-cam handset tie with the P20 Pro for best smartphone camera on the market.
The Huawei Mate 20 Pro has come out top in a camera benchmark test that assesses all aspects of smartphone camera performance.
DxOMark, which conducts rigorous hardware testing and is trusted as an industry standard for image quality measurements, has just released the results of its in-depth analysis of the Huawei Mate 20 Pro smartphone camera.
The Huawei Mate 20 Pro is the Chinese manufacturer’s latest top-end device. Building on the P20 Pro’s camera technology, the Mate 20 Pro comes with a Leica-branded triple-camera setup, but swaps its stable-mate’s monochrome camera for a super-wide-angle module, offering a 35mm-equivalent focal length range from 16 to 80mm—the widest of all current smartphone cameras.
The handset is in direct competition with the Apple iPhone XS Max, the Google Pixel 3 XL, the Samsung Galaxy Note 9, among other. How does it fare?
“With a total photo score of 114, the Huawei Mate 20 Pro ties the record-setting score of its cousin, the P20 Pro,” says DxOMark. “The overall Photo score is calculated from sub-scores in tests that examine different aspects of its performance under different lighting conditions.”
The Huawei Mate 20 Pro achieves a photo score of 114 points. In stills mode, the Mate 20 Pro’s triple camera captures images with good target exposure and a wide dynamic range, recording both good highlight and shadow detail even in difficult high-contrast situations. Noise levels are well under control down to low light levels, and the camera’s white balance system and colour rendering settings produce a pleasant colour response in almost all circumstances.
At 97 points, the Mate 20 Pro is very close to the best for video as well, thanks to a fast and smooth autofocus system with good tracking performance, accurate white balance as well as pleasant colour rendering, and low levels of noise, especially in bright shooting conditions. Our testers also liked the exposure system’s ability to adapt quickly and smoothly to changes in illumination.
It was not all good news. DxOMark also had some criticism for the device.
Click here to read about the drawbacks of the Mate 20 Pro camera, and other positives.
SA car wins
The final stage of Dakar 2019 drew to a close at the bivouac in Pisco, Peru, and saw Toyota Gazoo Racing South Africa’s Nasser Al Attiyah and Mathieu Baumel bring home their South African-built Toyota Hilux for
The Qatari driver ensured his French navigator, who turned 43 years old on Thursday, 17 January, received a great birthday present, when the pair arrived at the final time control of Dakar 2019 with teammates Giniel de Villiers and Dirk von Zitzewitz in close formation. The two Toyota Hilux crews completed the entire stage together, as De Villiers / Von Zitzewitz waited nearly 55 minutes for the leaders to start the stage, in order to shadow them to the finish.
The emotions bubbled over for Team Principal Glyn Hall, who found himself without words as his two crews drove into the media area after the time control. “This victory was long overdue,” he finally managed, before being swamped in a sea of well-wishers.
The winning driver, however, was much more vocal: “We are so happy to win the Dakar – not only for ourselves, but also for Toyota and the entire Toyota Gazoo Racing SA team. Everyone has worked so hard for so long, and really deserve this. Thank you for letting us drive this car.”
Toyota Gazoo Racing SA led Dakar 2019 from the first to the last stage, with Al Attiyah/Baumel drawing first blood, before handing the mantle to De Villiers / Von Zitzewitz during stage 2. But then a disastrous Stage 3 saw the Qatari retake the lead – a lead he didn’t relinquish despite some of the toughest stages yet seen on any South-American Dakar.
“When we first heard that the rally was going to take place only in one country, we were skeptical,” said Hall after regaining composure. “But the organisers made sure that this year’s race will long be remembered as one of the toughest tests in the last decade.”
Al Attiyah / Baumel’s victory at Dakar 2019 means that Toyota Gazoo Racing has now won both of the world’s toughest automotive races – the 24 Hours of Le Mans, and the DakarRally.
Click here to read Glyn Hall’s comment on winning the Dakar Rally, as well as the rankings.