Three ways internet isolation technology protects healthcare from cyberattacks
June 26, 2019
By Mehul Patel
Anyone who has either had cancer or is family or friend to a cancer survivor, knows all too well how vulnerable the disease can render the body, not to mention the fear and stress involved with a diagnosis and treatment. So, given that, it is simply horrendous that so many cybersecurity attacks have been levied against healthcare institutions. For instance, patients of the Newark-based Medical Oncology Hematology Consultants (MOHC) recently began receiving notification letters of a breach that occurred a year before. Officials say that a cyberattack targeted an email account on June 7 or 8, 2018.
Adding to this, only a few weeks later, it was announced that another major healthcare breach occurred when Quest Diagnostics reported that nearly 12 million of its customers may have had personal, financial and medical information breached due to an issue with one of its vendors. All these attacks can only add yet another layer of terror for patients who must learn, often months later, that their private data has been compromised.
As the list of attacks against the healthcare industry continues to rise, cybercriminals will always target those organizations with the weakest defenses and the most valuable data. The fact is, there are few industries as dependent on personal data and information than healthcare; without patient records, and access to medical and network devices, a healthcare facility cannot operate — which makes securing data not just an IT function, but a lifesaving mandate.
Compounding the crisis, medical institutions often lack budget and IT staff to keep ahead of cyber threats, and as a result, are playing a perpetual game of catch-up. Another and often overlooked reason for the vulnerability of healthcare institutions, is the high number medical professionals using personal web mail accounts, which makes healthcare institutions ripe for phishing email attacks. While many healthcare organizations supply employees with education and sessions to learn how to detect a phishing or malicious email, even the most technologically sophisticated professionals can be tricked into allowing dangerous malware into the organization’s network.
Why the healthcare industry needs zero trust internet
Today’s security solutions have been playing with fire, with a “detect and protect” approach — using products that are all trying to determine what is “good versus bad.” Firewalls block internet traffic based on whether something is identified as being a threat or not. While many of these solutions can easily understand what is or is not a threat if the threat has been identified, the main fault of this approach is that there are, literally, thousands of new malicious exploits revealed each day and it can take time to figure out which data are safe and what are not.
Zero trust Internet overcomes this shortcoming in today’s cybersecurity products. It is a default deny approach that is fundamentally different from the way cybersecurity products work. Today’s products categorize internet content and websites as being malicious or safe, and this approach is known to fail. Internet isolation enables a zero trust internet and takes the guesswork out of security by assuming all internet content and websites are malicious. The healthcare organization’s network is completely safe from web and email threats from the Internet.
As a result, security and IT personnel often report that more than half of breaches take months or longer to detect and even longer to fix — which was the case with the MOHC — as it took a year for patients to learn their private medical data could be in the hands of cybercriminals. While security technologies such as machine learning, and AI are now being deployed and can help, these are nascent solutions that still take time to analyze new exploits. That means there can be a gap of weeks or months between the initial “patient zero” infection and effective mitigation. During that time, many others can fall victim to the attack.
How to protect against malicious cyberattacks 100 percent with internet isolation technology
Imagine there is a “cure” for vicious cyberattacks. The cure is zero trust internet, enabled through internet isolation.
Internet isolation has proved to secure healthcare organizations 100 percent of the time against browser-related or email attacks. Internet isolation works by removing the browsing process from the desktop and moving it to the cloud. This effectively creates an “air gap” between the internet and the healthcare organization’s network, completely eliminating potential sources of attack. In the internet isolation model, malware has no path to reach an endpoint and legitimate content needn’t be blocked in the interest of security. With a native user experience, administrators can open up more of the internet to their users while simultaneously eliminating the risk of attacks.
Three reasons why internet isolation works 100 percent of the time for healthcare organizations of all sizes
1. Internet isolation allows employees to safely browse the internet and utilize external email without additional restrictions: Users who engage with internet isolation technology are 100 percent isolated from all malware threats when clicking on an email link, including ransomware. Therefore, rather than introducing more restrictions to healthcare employees to protect the network, internet isolation enables healthcare staff to access their external webmail or browse the internet, while providing complete protection from phishing and other malicious attacks, including malicious web links and attachments. Internet isolation technology removes the difficulties in distinguishing between legitimate and malicious email, web links and content and provides a secure, trusted execution environment.
2. An Internet isolation platform can eliminate credential theft, particularly those targeting physicians and other healthcare workers using webmail accounts. Any link in any email is isolated, alleviating email-based malware threats, including ransomware. While phishing itself is a dangerous intrusion, credential theft is another phishing danger that is a catalyst for even more serious attacks. An internet isolation platform can prevent sensitive user information — such as credentials of healthcare workers and physicians (including user names and passwords) that may lead to patient credit card and banking information, social security numbers, and other sensitive healthcare and patient data — from being entered into malicious web forms on phony phishing web pages.
3. Cloud deployment can support thousands of healthcare workers — no one is left behind: A cloud-based internet isolation platform can support tens, even hundreds of thousands of users. As the number of users or traffic surges, an internet isolation platform must be able to scale and adapt. As a rule of thumb, any security platform that a healthcare organization deploys should be simple and provide a seamless user experience, and an internet isolation platform is no exception.
The current approach of blocking the bad is not working, and is failing the healthcare industry. It is impossible to trust anything on the internet, with thousands of new threats appearing every day. Zero trust internet is a new approach to security. Through internet isolation it can completely remove the threat of ransomware, malware, and credential theft from web and email attacks and other exploit methods, particularly those targeting physicians, healthcare workers and patients. As cyberattacks continue to rise, targeting those with the weakest defenses and the most to lose, today’s internet isolation technology can provide peace of mind for both healthcare employees and patients.
About the author: Mehul Patel is the director of product marketing for Menlo Security.
Anyone who has either had cancer or is family or friend to a cancer survivor, knows all too well how vulnerable the disease can render the body, not to mention the fear and stress involved with a diagnosis and treatment. So, given that, it is simply horrendous that so many cybersecurity attacks have been levied against healthcare institutions. For instance, patients of the Newark-based Medical Oncology Hematology Consultants (MOHC) recently began receiving notification letters of a breach that occurred a year before. Officials say that a cyberattack targeted an email account on June 7 or 8, 2018.
Adding to this, only a few weeks later, it was announced that another major healthcare breach occurred when Quest Diagnostics reported that nearly 12 million of its customers may have had personal, financial and medical information breached due to an issue with one of its vendors. All these attacks can only add yet another layer of terror for patients who must learn, often months later, that their private data has been compromised.
As the list of attacks against the healthcare industry continues to rise, cybercriminals will always target those organizations with the weakest defenses and the most valuable data. The fact is, there are few industries as dependent on personal data and information than healthcare; without patient records, and access to medical and network devices, a healthcare facility cannot operate — which makes securing data not just an IT function, but a lifesaving mandate.
Compounding the crisis, medical institutions often lack budget and IT staff to keep ahead of cyber threats, and as a result, are playing a perpetual game of catch-up. Another and often overlooked reason for the vulnerability of healthcare institutions, is the high number medical professionals using personal web mail accounts, which makes healthcare institutions ripe for phishing email attacks. While many healthcare organizations supply employees with education and sessions to learn how to detect a phishing or malicious email, even the most technologically sophisticated professionals can be tricked into allowing dangerous malware into the organization’s network.
Why the healthcare industry needs zero trust internet
Today’s security solutions have been playing with fire, with a “detect and protect” approach — using products that are all trying to determine what is “good versus bad.” Firewalls block internet traffic based on whether something is identified as being a threat or not. While many of these solutions can easily understand what is or is not a threat if the threat has been identified, the main fault of this approach is that there are, literally, thousands of new malicious exploits revealed each day and it can take time to figure out which data are safe and what are not.
Zero trust Internet overcomes this shortcoming in today’s cybersecurity products. It is a default deny approach that is fundamentally different from the way cybersecurity products work. Today’s products categorize internet content and websites as being malicious or safe, and this approach is known to fail. Internet isolation enables a zero trust internet and takes the guesswork out of security by assuming all internet content and websites are malicious. The healthcare organization’s network is completely safe from web and email threats from the Internet.
As a result, security and IT personnel often report that more than half of breaches take months or longer to detect and even longer to fix — which was the case with the MOHC — as it took a year for patients to learn their private medical data could be in the hands of cybercriminals. While security technologies such as machine learning, and AI are now being deployed and can help, these are nascent solutions that still take time to analyze new exploits. That means there can be a gap of weeks or months between the initial “patient zero” infection and effective mitigation. During that time, many others can fall victim to the attack.
How to protect against malicious cyberattacks 100 percent with internet isolation technology
Imagine there is a “cure” for vicious cyberattacks. The cure is zero trust internet, enabled through internet isolation.
Internet isolation has proved to secure healthcare organizations 100 percent of the time against browser-related or email attacks. Internet isolation works by removing the browsing process from the desktop and moving it to the cloud. This effectively creates an “air gap” between the internet and the healthcare organization’s network, completely eliminating potential sources of attack. In the internet isolation model, malware has no path to reach an endpoint and legitimate content needn’t be blocked in the interest of security. With a native user experience, administrators can open up more of the internet to their users while simultaneously eliminating the risk of attacks.
1. Internet isolation allows employees to safely browse the internet and utilize external email without additional restrictions: Users who engage with internet isolation technology are 100 percent isolated from all malware threats when clicking on an email link, including ransomware. Therefore, rather than introducing more restrictions to healthcare employees to protect the network, internet isolation enables healthcare staff to access their external webmail or browse the internet, while providing complete protection from phishing and other malicious attacks, including malicious web links and attachments. Internet isolation technology removes the difficulties in distinguishing between legitimate and malicious email, web links and content and provides a secure, trusted execution environment.
2. An Internet isolation platform can eliminate credential theft, particularly those targeting physicians and other healthcare workers using webmail accounts. Any link in any email is isolated, alleviating email-based malware threats, including ransomware. While phishing itself is a dangerous intrusion, credential theft is another phishing danger that is a catalyst for even more serious attacks. An internet isolation platform can prevent sensitive user information — such as credentials of healthcare workers and physicians (including user names and passwords) that may lead to patient credit card and banking information, social security numbers, and other sensitive healthcare and patient data — from being entered into malicious web forms on phony phishing web pages.
3. Cloud deployment can support thousands of healthcare workers — no one is left behind: A cloud-based internet isolation platform can support tens, even hundreds of thousands of users. As the number of users or traffic surges, an internet isolation platform must be able to scale and adapt. As a rule of thumb, any security platform that a healthcare organization deploys should be simple and provide a seamless user experience, and an internet isolation platform is no exception.
Mehul Patel
About the author: Mehul Patel is the director of product marketing for Menlo Security.