Healthcare: Malware PHI Data Breach Threat

Background

The global healthcare provider is an industry innovator when it comes to medical care for patients offering surgical and therapeutic interventions, as well as frontline and specialized patient care for immediate, regional, and national levels.

The challenge

The company’s increasing adoption of IoT medical devices such as pacemakers, implantable devices, remote patient monitoring devices, glucose monitoring, connected inhalers, ingestible sensors, and more, the surface attack area grew. As a result, the company experienced a disconnect between device discovery and device inventory, with a mounting number of unmanaged IoT devices.

In February of 2022, the organization had its system integrity and critical patient privacy compromised with a malware infection from a vulnerable, unidentified IoT device.

The breach resulted in over seventy eight hours of unauthorized access from cyber attackers and over 172GB of exposed data, endangering the integrity of patient care and lives.

The company realized the need for an advanced cybersecurity solution.

The Solution

After integrating with AI EdgeLabs, further investigation led our team to quickly identify the malware infection was made possible thanks to a single IoT connected device—an unmanaged remote patient monitoring system—that was using a decade-old operating system.

Our team further discovered important security challenges in the company’s infrastructures, which included:

• Lack of a better handle on how assets inside Edge servers connect to the network.
• Lack of vulnerability discovery and evaluation of how secure assets are.
• Lack of quick and easy methods to ensure clinicians can get to the information they need to give patients the best care possible.

The client quickly selected AI EdgeLabs as the ideal fit for their operations, serving as a robust layer of security that provides their IT security staff with insights into device inventory, Edge infrastructure, and overall network behavior that was previously unavailable.

AI EdgeLabs: Advanced medical and nonmedical network visibility

AI EdgeLabs protect the company’s critical infrastructure and intellectual property, such as research methods, treatment processes, and confidential records, across their IoT devices and Edge networks. By deploying AI EdgeLabs, the customer could see its whole network, including routers, IoMT/IoT/OT devices.

“Integrating AI EdgeLabs as an instrumental layer of cybersecurity for our Edge networks and IoT devices has been a seamless experience for our security teams,” сompany’s CISO states. “Thanks to exhaustive and accurate visualization and inventory of our medical and non-medical assets, our organization proactively mitigates even the slightest anomaly that signals the presence of a known or unknown threat vector. It’s been revolutionary for our cybersecurity posture.”

AI EdgeLabs, our AI-powered cybersecurity solution based on a predictive, deep-learning approach to IoT and Edge, defends against internal, external, and 0-day threats. AI EdgeLabs is more powerful than standard cybersecurity solutions because it creates and improves its own understanding of each network it monitors instead of depending on people to decide what's significant in the network data it sees.

The algorithms applied on the Edge side provide a novel way to analyze traffic signatures, automate security operations and extract signals from noise. Assets visibility gives inventory listing and relocation. Now, our client has real-time snapshots and actionable insights about known and unknown risks on all assets, including laptops, PCs, tablets, smartphones, and IoT devices.

Benefits of AI EdgeLabs for Healthcare

With AI EdgeLabs' network and device security automation, we:

• Automatically disable suspicious devices.
• Analyze device monitoring and report about anomalies in data.
• Block all suspicious devices.
• Use smart firewalling to kill compromised device connections.
• Automate incident response protocols to stop abnormal or blacklisted processes on crucial devices.
• Improve network threat and malware detection.
• Address rising asset infrastructure challenges.
• Prevent device attacks from causing damage.
• Enable real-time threat alerts to network and security personnel.
• Ensure scalable distributed defense infrastructure.