Skip to content
November 23, 2016 / Lucy Gissing

Why Employees can be a Security Risk for Hospitals


  • Large quantities of sensitive data held by hospitals are being targeted by hackers.
  • 90% of employees in hospitals failed a CynergisTek phishing test
  • Bromium protects companies from the unknownvaccination1

There’s an ever growing epidemic of cyber-attacks on hospitals. The NHS and other healthcare providers are being targeted by hackers because they have such large quantities of sensitive data. It recently hit the news that three UK hospitals were forced to shut down their IT systems and declare a major incident after being hit by a virus. This isn’t a game – at least 35 operations had to be cancelled putting people’s lives at stake.

Learn more: Get the Bromium Overview

Trust me, I’m a…

So how do the attacks happen in the first place? Simple answer; a company’s biggest vulnerability – humans. We already know from previous Bromium blog posts – you can’t trust humans and relying on them to keep your company safe isn’t a solid strategy. A U.S. hospital operator, Atlantic Health System found this out when they commissioned CynergisTek for a phishing test.A grand total of 5,000 employees were sent manipulated e-mails. To the surprise of the hospital leadership, 90% of employees – (that’s 4500!) opened at least the attachment, and more than half of those who opened the attachment proceeded to give their personal data.

Prevention is the best cure

Atlantic Health System’s phishing test showed that even employees in the IT team fell for the hackers’ clever tricks. So how do hospitals deal with this cybercrime epidemic? As doctors well know, prevention is better than cure. The same applies to malware attacks and this is where Bromium comes in. Think of our technology as taking a vaccination to prevent a flu virus, instead of taking cough medicine to treat the symptoms once the fever has kicked in. Bromium’s Jochen Koehler explains more in an article for Monitor: “By isolating all potentially dangerous processes in a micro VM, malware never reaches the actual operating system and cannot harm the local or network or lead to a data theft.”

You don’t have to fear the unknown

It’s impossible to know what strain of cyber-attack will strike next. Cybercrime is constantly evolving and hackers are always using unknowns, such as the recently discovered ransomware code CryPy. Traditional security software often fails to protect against these and that’s where Bromium’s micro-virtualisation technology is different.  In a Business Reporter article Bromium’s Co-Founder and President, Ian Pratt recommended that “companies stop trying to fight an unwinnable battle…you can just let ransomware run with Bromium, as it’s completely isolated, with no way of escaping.”

 

%d bloggers like this: