Life Sciences
The Life Sciences industry is being targeted…
Hackers start using MEDJACK to infect medical devices and move laterally through hospital networks. Reuters claims “medical info is worth 10X a credit card number”




WannaCry virus takes down a major portion of the UK NHS: at least 80 trusts, 603 primary care and 595 GP practices. Cost estimate: 92M UKP
July 2019 ransomware attack at Springhill Medical Center brings down nurses' station and neonatal monitoring system with awful results




April 2021: Southcoast Health Cancer Centers forced to reschedule over 50 patients' radiation treatments after malware attack
October 2022: CommonSpirit Health suffers major ransomware attack. 620,000 patients are affected across 21 states and 142 hospitals



How much will it cost?
- Attorneys: $500-1200/Hour
- Privacy and cybersecurity is the third-fastest-growing area in the practice of law; the average cost of a data breach is $150M*
- HHS Health Sector estimates are more conservative, at a $9.23M average for the healthcare industry**
And don’t forget about HIPAA…
*Attorney At Law Magazine Jan 10th, 2020
**US DHHS Report Feb 17th, 2022

HIPAA has four tiers of penalties for failure to protect PHI:
- First Tier: $100-$50K per incident (up to $1.5M)
- Second Tier: $1,000-$50K (up to $1.5M)
- Third Tier: $10,000-$50,000 (up to $1.5M) per incident
- Fourth Tier: at least $50,000 (up to $1.5M) per incident
Let's look at some potential use cases in the Life Sciences industry:
Example Case 1:
Attempted introduction of ransomware by a cyber assailant

A hacker manages to breach the hospital firewall and tries to insert malware onto the console of an MRI Machine.
The NGDD examines the unauthorized code at a byte level, finds that the code is not validated, and rejects its insertion into the MRI control system. It can also pass the rejected data to a security event manager for forensic analysis.
In this example, the operator station has been equipped with the Next Generation Data Diode.


Result? Both Device AND patient data are protected
Example Case 2:
Prevention of potential malware introduced by third party
In this example, the EHR Database has been protected with a Smart Network Interface Card.


Here an affiliated lab provides updates to the hospital’s EHR database.
If the update is provided in a validated format, it updates the database. If the data is not in a validated format, it is rejected.


Keep YOUR data safeguarded from potential threats introduced by affiliates