- The US Department of Commerce and the Department of Homeland Security issued a draft report to help reduce HIT infrastructure security threats by strengthening networks against automated cyberattacks.
The report identified automated botnets as the next major security threat organizations need to defend against.
“Botnets represent a system-wide threat that no single stakeholder, not even the federal government, can address alone,” NIST Under Secretary of Commerce for Standards and Technology and Director Walter G. Copan said in a statement. “The report recommends a comprehensive way for the public and private sectors, as well as our international partners, to work together and strengthen our defenses.”
“Botnets threaten to undermine the internet ecosystem as well as the promise of next-generation technologies,” Assistant Secretary for Communications and Information and NTIA Administrator David Redl said in a statement. “This report clearly demonstrates the urgency of the problem and this Administration’s commitment to taking on these threats and creating a more secure and sustainable internet.”
The report advised entities to do the following:
- Identify a clear pathway toward an adaptable, sustainable, and secure technology marketplace
- Promote innovation in the infrastructure for dynamic adaptation to evolving threats
- Promote innovation at the edge of the network to prevent, detect, and mitigate bad behavior
- Build coalitions between the security, infrastructure, and operational technology communities domestically and around the world
- Increase awareness and education across the ecosystem
The report also discussed innovation, dynamic infrastructure, and the edge of the network. All of these topics are prominent themes in health IT infrastructure as organizations continue their digital transformations.
Organizations face new kinds of threats that need to be addressed and remedied as infrastructure technology continues to evolve. Cybersecurity attacks are evolving while infrastructure technology becomes more advanced.
The report emphasized the infrastructure that connects different technical domains. The Departments defined Infrastructure as, “the technology and organizations that enable connectivity, interoperability, and stability, going beyond the physical wires, wireless transmitters and receivers, and satellite links to include the hardware, software, tools, standards, and practices on which the ecosystem depends.”
Simply filtering traffic isn’t an effective enough way to defend against cyberattacks anymore, yet many organizations still use this method as their primary defense. While filtering traffic still needs to be done, organizations need to make the data collected actionable. This way entities can build security strategies based on weaknesses.
Cyberattackers will exploit holes in services and embed malware into regular traffic. Entities need more intelligent and dynamic security solutions to truly protect their network.
More medical Internet of Things (IoT) devices means that more devices are connecting at the edge of the network. Some of these devices may seem secure because of their simplicity, such as devices only transmitting location. However, every device connected to the network is at risk and needs to be secured properly.
Large healthcare organizations can have as many as 85,000 connected medical devices and each device can be doing something different on the network.
Lots of these devices are on the edge of the network. Without innovation on the edge, these devices are at risk and are a target for hackers to gain access to the rest of the network. Networks have grown to be so expansive that organizations need new and innovative ways to protect all their devices.
The Departments suggested that organizations use a hybrid approach to cybersecurity for accommodating complex infrastructure systems. Even so, report authors recognized that it is an expensive process and many organization may not have the budget to employ the most advanced security solution.
Report authors suggested that entities work together with vendors and other providers to share best practices. With that approach, each individual organization doesn’t need to go through a trial and error process with its cybersecurity strategy.
“Infrastructure providers across the board must develop a broad understanding of the benefits of shared defense approaches, and communities should work together to drive best practice adoption,” report authors explained. “This work includes ubiquitous adoption of filtering at the interface with customer networks, including multi-tenant infrastructures such as cloud providers.”
“Ideally, infrastructure providers should understand the current levels of attacks, maintain sufficient capacity to absorb realistically expected levels of malicious traffic, and communicate those capabilities to their customers.”
Organizations must gain as much visibility into their network as possible and start considering automating certain security tasks as health IT infrastructure tools continue to scale up in their size and ability. Automation can help cut back on staffing costs as well as eliminate human error when it comes to botnet attacks.