AI can defend health care networks from weaponized encryption, says report


Photo Credit: Brigitte Wodicka

Algorithmic defense could provide a potent cybersecurity layer to mitigate the dynamic malware pummeling healthcare organizations, according to a new report by the Institute for Critical Infrastructure Technology.

“How to Crush the Health Sector’s Ransomware Pandemic: The Machine Learning Based Artificial Intelligence Revolution Starts Now” looks at the hyper-evolving threat landscape of the deep web forums; the ease by which next-generation adversaries customize their attack vector; and the ways organizations can predict threats in a sector that is a primary, perpetual target of ransomware, insider threats, APT campaigns and other cyberattacks.

The increasing digitization of personally identifiable information makes healthcare lucrative for exfiltration efforts, so cyber resiliency is a must to reduce the millions in loss and impact on human safety from a single breach, says report author James Scott, a senior fellow at ICIT.

Hospital systems, which are full of entry and pivot points, are targeted by nearly 90 percent of ransomer attacks, says ICIT. A joint report by Protenus and found 31 health data breaches, affecting 388,307 patients, in January 2017 alone.

And there is no guarantee that a ransom payment will result in the data being decrypted, resulting in potential permanent loss without backup procedures. Beyond records systems, connected medical equipment is increasingly vulnerable.

Preventative, predictive solutions can provide advantages over legacy technologies, but only if companies understand the problem and the data needed to solve it. The automation of network cybersecurity operations can work in response to learned hacker behaviors, as well as help stem insider threats.

Algorithmic defenses can be used to automatically implement extra security layers when needed and efficiently facilitate the implementation of blockchain technology to secure fragmented data. The proliferation of easily available, malleable exploit kits, ransomware and other malware calls for solutions that adapt to and address more than core IT.

The detailed report can be viewed on ICIT’s website.