Maximizing Healthcare Security with NDR: Best Practices and Buying Tips

Discover how this new NDR technology can help secure your network

Threat Intelligence: NSA & CISA Recommendations for Reducing OT and CS Threat Exposure

New Alert Issued: AA20-205A
Cynerio
Jul 27, 2020
Threat Intelligence

Alert Information

CISA and the NSA issued an alert (AA20-205A) on July 26, 2020 regarding the increased threat of cyber attacks on critical infrastructure through connected Operational Technologies (OT) and Control Systems (CS) vulnerabilities.

Systems & Assets Affected in Healthcare Environments

Critical OT like HVAC cooling systems for pharmaceutical products, pneumatic tube systems, elevators, and fire control systems are at risk. In addition, IoMT devices including infusion pumps, MRI and CT machines, heart monitors, and others are at equal risk.

How Are Organizations Being Targeted?

Threat actors can exploit OT and CS through:

  • Spearphishing
  • Deployment of commodity ransomware
  • Connecting to Internet-Accessible PLCs and modifying control logic and parameters
  • Downloading modified logic control and hacking controllers via ports and standard application layer protocols
  • Exploiting vendor software to get unauthorized access

How Can This Impact Health Care?

A breach can directly impact clinical workflow and the ability to deliver critical medical care:

  • OT networks and communications can become unavailable or rendered inoperable
  • Organization-wide workflow disruptions
  • Loss of access by authorized personnel
  • Damage to productivity jeopardizes patient safety and confidentiality, can compromise business integrity, and result in significant revenue losses

How Can Cynerio Help Mitigate the Threats?

Step 1: Understand the clinical impact of systems and assets before disconnecting them in order to ensure uninterrupted medical services and organizational workflow

Step 2: Disconnect low-priority functionalities from systems to decrease risk

Step 3: Harden your network with North-South and East-West segmentation, vendor access management, software updates, and patching

Step 4: Create a network map of all OT systems and assets

Step 5: Conduct continuous monitoring and cyber risk assessments

To schedule a free risk assessment and learn how your assets may be affected today, contact us today.

read next

Threat Intel: Johnson Controls International (JCI) Hit by Ransomware Attack

Vicki Michaeli
Sep 29, 2023

Threat Intel: Log4j - Critical Zero Day Vulnerability

Cynerio
Dec 13, 2021
Go Back to Blog

Keep your finger on the pulse of Healthcare IoT security

Get Your Free Pass to HIMSS21

August 9 -13, Las Vegas

HOW? Easy! If you are a Healthcare IT Executive and you book a 30-minute call with us before July 30th, you get a free pass (valued at $1295)

Book a Call

*Please note that there is limited pass availability

Product
Healthcare Cybersecurity PlatformPatient Data SecurityNetwork Detection + ResponseComplete Asset VisibilityMedical Device SecurityCynerioLive
Resources
BlogDatasheetsWhite PapersUse CasesPartnershipsInfographicsMediaVideosWebinars
Company
About UsLeadershipPress ReleasesCareersContact Us
Partners
ResellersDistributorsTechnology & Alliance PartnersMSSPReferral Partners
Follow us
Facebook
LinkedIn
X
© Copyrights Cynerio 2024
Privacy Policy
SOC 2 Badge
The Standards of Institution of Israel Badge