Combatting the Rise of Ransomware Attacks in Healthcare
There was a time when the network admins we worked with in healthcare settings were most concerned about meeting requirements for HIPAA. Our out-of-band management customers needed to secure their networks (and prove their compliance) to ensure personal health information (PHI) was safe and to avoid hefty fines for violations.
Today, ransomware attacks on the health sector have risen 300% since 2015, with a measurable impact on health outcomes as facilities near an operation hit by ransomware take on the additional load of the most critical patients. Gone are the we’re-all-in-this-together days of the COVID-19 pandemic, when ransomware gangs made headlines by pledging not to attack healthcare and medical targets during the crisis. It’s not just HIPAA fines that drive IT groups; it’s the very real threat of health operations grinding to a halt.
During the pandemic, the network admins at Brooklyn Hospital used their newly installed LM-Series console servers to manage their Cisco network infrastructure gear remotely. Remote management is typically more efficient and convenient, especially with multiple facilities around New York, but during COVID facility lockdowns, non-medical staff, including the IT team, were prevented from even entering patient facilities. There was no access to networking equipment at hospital sites. Later, shortages in PPE (personal protective equipment) continued to limit network admin access to gear in sensitive areas of the hospital.
Today, in addition to improving uptime through real-time monitoring and management automation of network infrastructure, the LM-Series also provides the same network security that was initially built into the product for financial industry and military networks. Here are a few examples:
Granular Authorization
The LM-Series includes a granular authorization model that integrates with your existing access controls to provide highly configurable role-based authorization options. Policies follow the format "User X has Role Y on Resource Z", which makes them easy to create. A User can be a group or an individual user, a Role is a list of allowed and denied commands, and a Resource is a system, port, modem, all, or server.
By customizing roles and assigning privileges, the model allows you to get as detailed as necessary but isn’t so complicated that you can’t get up and running quickly.
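A minimal sketch of the "User X has Role Y on Resource Z" model described above, added here as an example; it is not Lantronix code or LM-Series configuration syntax. The `@group` and `kind:name` notations, the wildcard command patterns, and the deny-overrides, default-deny evaluation order are assumptions.

```python
from dataclasses import dataclass
from fnmatch import fnmatchcase

# Resource kinds listed in the article; "all" covers every resource.
KINDS = {"system", "port", "modem", "server", "all"}

@dataclass(frozen=True)
class Role:
    name: str
    allow: tuple = ()  # command patterns this role permits
    deny: tuple = ()   # command patterns this role refuses

@dataclass(frozen=True)
class Grant:  # "User X has Role Y on Resource Z"
    subject: str   # individual user name, or "@group" (assumed syntax)
    role: Role
    resource: str  # "all" or "kind:name", e.g. "port:3" (assumed syntax)

def _applies(grant, user, groups, resource):
    if grant.subject.startswith("@"):
        who = grant.subject[1:] in groups
    else:
        who = grant.subject == user
    return who and grant.resource in ("all", resource)

def authorize(grants, user, groups, resource, command):
    """Deny overrides allow; nothing matching means deny (assumed semantics)."""
    if resource.split(":", 1)[0] not in KINDS:
        raise ValueError(f"unknown resource kind: {resource!r}")
    # Collapse whitespace so "show  running-config" cannot slip past a deny.
    cmd = " ".join(command.split())
    roles = [g.role for g in grants if _applies(g, user, groups, resource)]
    if any(fnmatchcase(cmd, p) for r in roles for p in r.deny):
        return False
    return any(fnmatchcase(cmd, p) for r in roles for p in r.allow)

# Constructed sample policy (names and commands are illustrative).
READ_ONLY = Role("read-only", allow=("show *",), deny=("show running-config",))
OPERATOR = Role("operator", allow=("show *", "configure *", "reload"))
NO_RELOAD = Role("no-reload", deny=("reload",))
GRANTS = [
    Grant("@noc", READ_ONLY, "all"),
    Grant("alice", OPERATOR, "port:3"),
    Grant("@contractors", NO_RELOAD, "all"),
]

if __name__ == "__main__":
    print(authorize(GRANTS, "alice", {"contractors"}, "port:3", "reload"))
```

Because a deny from any applicable role wins, adding a user to a restricted group narrows their access even when an individual grant would otherwise allow the command.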
Rapid Response When There is an Issue
From the moment a healthcare facility realizes its network might have been hacked, a clock starts ticking. Minimizing the damage by locking down affected or potentially affected network functions is critical.
The Lantronix LM-Series can store configurations for a “safe mode” for network devices, limiting functionality to effectively quarantine sections of your network. With Lantronix you can rapidly push a config to one device, or thousands deployed across your network. Think of it as a panic button.
As the scope of the breach becomes clearer, admins can easily push additional configurations to bring unaffected services and locations back up across the network, ensuring the fastest return to normal possible. Network resiliency is defined not just by how unlikely the network is to get hacked, but even more importantly, how quickly it can be recovered.
Audit and Compliance
The LM-Series logs all changes made by users and the results of these changes. This information is saved locally and then transmitted to a central location for analysis and long-term storage. Logging, recording, and reporting are unaffected by the state of the network, so the LM-Series continues to satisfy compliance requirements even during network downtime.
How Safe is Your Network?
Whether you run a network in a healthcare setting or any other critical operation, the threat of ransomware is real, and defending your network is part of the challenge. Talk with Lantronix today about how out-of-band management with the LM-Series can be part of your first line of defense AND a source of resiliency for your network.