Health trusts less susceptible to cyber attacks, but still worryingly vulnerable

New Forescout report reveals trusts are upgrading systems to protect against attacks, but still need to address vulnerabilities within their networks

Health trusts have had to improve systems as the sector becomes a target for cyber criminals

Healthcare organisations are successfully upgrading outdated operating systems in order to meet modern-day cyber security requirements, a new report from Forescout has revealed.

However, it also found there are still tangible vulnerabilities within their networks that have the potential to cause catastrophic damage and additional strain on critical services.

The company’s Connected Medical Device Security report has analysed detailed information from the 3.3 million devices contained within the Forescout Device Cloud.

And the number of soon-to-be-unsupported versions of Windows devices found in its sample of healthcare networks has decreased to 32%. Last year, that number was 71%, indicating that the industry is taking steps in the right direction to meet current cyber security standards.

The percentage of devices running entirely-unsupported operating systems, however - including Windows XP and Windows Server 2003 - has remained unchanged at 0.4%.

While this number is small, these devices tend to be some of the most critical within healthcare organisations, highlighting that the risk posed by legacy operating systems still remains.

It only takes one connected device to fall victim to a bad actor and ultimately take down an entire system, and that scenario doesn’t bear thinking about with the current pressure on healthcare services

“WannaCry crippled the NHS back in 2017 and outdated systems played a huge role in that, so it’s great to see that healthcare organisations are making the necessary improvements to their IT in order to keep their networks safe," said Rich Orange, regional director at Forescout.

"That said, many are still struggling to protect and secure every connected thing on the network.

“It only takes one connected device to fall victim to a bad actor and ultimately take down an entire system, and that scenario doesn’t bear thinking about with the current pressure on healthcare services."

The report also found that network segmentation within healthcare organisations is on the rise, with a sharp decrease in deployments running only one VLAN, while there is an increase in deployments with more than 25 VLANs.

However, computers, printers and even personal devices such as smartphones were often present in the same VLAN as healthcare equipment such as patient monitors and X-Ray machines.

To avoid an attack that could have the same impact as that of WannaCry, organisations need to have full situational awareness of their network

And for every VLAN with at least one healthcare device, 60% of organisations also had non-healthcare devices on the same segment. 90% of VLANs have a mix of healthcare devices and IT devices.

“To avoid an attack that could have the same impact as that of WannaCry, organisations need to have full situational awareness of their network,” said Orange.

“This, coupled with effective segmentation to stop attackers moving laterally through the network, will help prevent something as important as medical data being exploited or critical public services being taken offline.”