Preparing for cyberattacks: building a resilient infrastructure

As history shows, global ransomware attacks have been part of the new reality for quite some time. As the healthcare industry continues to move away from paper and towards an increasingly digitized environment, the risk of cyberattacks increases.

What is a cyberattack?
In basic terms, a cyberattack involves launching an attack from one or more computers against another computer, multiple computers, or networks. The goal of these attacks is to:

  • Disable the target computer or knock it offline
  • Gain access to data on the target computer
  • Attempt to get admin privileges

A common type of cyberattack involves infecting computers with crypto-locking malware and then demanding a ransom in exchange for a promise of unlocking the encrypted files. Another common type of attack known as phishing involves an individual or individuals being contacted by email, telephone, or text message by someone posing as a legitimate entity. The goal is to lure people into disclosing sensitive data (e.g. personally identifiable information, banking and credit card numbers, and passwords).

What is cybersecurity?
Cybersecurity refers to any technologies, processes, and practices designed to protect networks, devices, programs, and data from attacks, damage, or unauthorized access. Developing protection from cyberattacks should be a high priority for all healthcare organizations. Incorporating technology to help combat against phishing attacks is a great start, and definitely part of any holistic cybersecurity strategy. But all the technology in the world probably isn’t enough – it’s also important to plan for human nature and behavior, such as the possibility someone in your organization will click on a dangerous phishing link. How will you react when this happens? You need to put up defenses to prevent cyberattacks and prepare for the possibility of various scenarios.

The best way to combat against cyberattacks is to build cyber resilience, which relies on far more than just securing the perimeter. Putting time and effort into building a sound resiliency plan will enable your healthcare organization to continue to operate and provide care despite increasing threats of attacks.

Building resilience with compartmentalization
When it comes to building cyber resiliency in healthcare, the best defense truly is a good offense – being proactive, rather than reactive, will present a strategic advantage and ultimately help to contain any potential damage.

One way to be proactive in healthcare and build a resilient infrastructure is to compartmentalize – how can you secure your organization so that, should you be impacted by a cyberattack, you are prepared and can quickly bounce back?

Avoiding an iceberg
For centuries, boats and ships have been built with bulkheads – upright walls within the body of a ship. Those bulkheads help to fortify the structure of the ship, but also create watertight compartments that can prevent the spread of water in case of a leak. By containing a leak to just one area, a ship can continue on with little-to-no problem. Without bulkheads, though, the likelihood of an entire ship taking on water and sinking would increase drastically.

As part of a ship’s infrastructure, bulkheads help build resilience. Should a ship hit an iceberg – despite all training to avoid them – only that singular part of the ship, if punctured, will take on water. Bulkheads, and their ability to create compartments within the body of a ship, keep the rest of the ship afloat.

Think of a cyberattack like an iceberg, and your organization like a ship. Just like crews can be trained to spot and navigate around icebergs, your end user cans be taught about how to avoid phishing attacks and malware. And just like the hull of a ship can be strong and well-constructed, you can work hard to secure the perimeter of your organization.

But ships still hit icebergs, and someone will, very likely, still click on a bad link. Bulkheads are proactively constructed to keep a ship safe – but what can you do if and when you hit a “cyber iceberg?”

Prepare for an iceberg – and be ready if you hit one
Implementing virtual desktop infrastructure (VDI) can help increase cyber resiliency, eliminate antiquated desktops, and create virtual compartments, or bulkheads, that are capable of containment. With VDI, data, applications, and operating systems don’t live on the end points – they are all running in a centrally managed server. This helps bolster security and recovery, especially when threats are most often the result of human nature and behavior.

If you hit a “cyber iceberg,” a compromised or infected virtual machine can be quickly quarantined, terminated, and restarted from a golden image. This limits the potential consequential damage of a rogue machine propagating copies of itself. The ability for users to access clean instances each time helps build resiliency and the ability to continue running the business even when one or machines are compromised.

Why is cybersecurity important?
With virtual compartments created with VDI, user data can be separated from the operating system used to deliver the computing environment. Keeping these separate and, preferably, with different admin privilege levels, limits the extent of damage a malware can inflict both on one machine as well as to others. Without VDI, the work and processes needed to cleanse and re-launch an infected desktop could take hours or days to restore – and not being able to contain the damage means your entire ship could sink. VDI helps to create a resilient infrastructure that allows for your organization to be prepared, contain the damage, and stay in business. That is the ultimate goal these days – keeping the desktops on.

The adoption of VDI in healthcare has been steadily increasing – and for good reason. With VDI, organizations break the dependence on physical desktops and workstations, and can ensure that systems can get back up and running quickly in the event that they hit a “cyber iceberg.”