The European Union's recommendations for protecting hospitals from computer attacks
Hospital safety in Europe is a concern.
Since the beginning of the year or even since last year, hospitals have been increasingly targeted by computer attacks, especially ransomware. Unfortunately, the health crisis has not improved things. Hospitals remain at the forefront of cyber-friendly surveillance, which is growing ever more.
This article will also interest you: Smart Hospitals Face the Reality of Cybersecurity
DANNY Palmer, IT journalist, wrote: "Hospitals are becoming an increasingly tempting target for cyber criminals. Especially since the health crisis, which puts hospital networks and the health market at the forefront of the growing risks of cyber attacks. The size of hospital networks, the vital importance of PC fleets on these networks that remain operational, such as how much of the health care-related computer systems are left in operation on unsured operating systems means that protecting hospitals from cyber attacks is now becoming an increasingly complicated task. ».
Then cyber criminals will benefit. And this can be seen in the countless ransomware and information thefts of hospital structures.
In what context, the European cyber security agency ENISA, has decided to publish a set of recommendations for the head of security of hospital information systems. "Protecting patients and ensuring the resilience of our hospitals is an essential part of the agency's work to make Europe's health sector cyber-secure," said Juhan Lepassaa, ENISA's Executive Director. The document is entitled "Procurement Guidelines For Cybersecurity in Hospitals"
1- Involvement of the IT department in contracting
It is understood here that from the beginning is the IT department must be concerned with any purchase and process of transformation of hospitals.
2- Adoption of security flaw management identification protocol
When it comes to cybersecurity, managing essential security vulnerabilities. Especially when we know that certain security vulnerabilities cannot be avoided when designing a computer tool. This makes any computer installation vulnerable in some way. So research and identification is a work that is constant and must be at the centre of cybersecurity efforts. And it minimizes risk.
3- Regularly update your computer tools
Updates such as searching and identifying security vulnerabilities are very important. It helps to fill vulnerabilities and reduce attack vectors. History has shown that all the institutions that have neglected this aspect have paid very hard. In its recommendation, the European Cyber security agency advises IT departments to establish timetables for the application of security patches taking into account needs and risks.
4- Strengthening the security of wireless communications
To succeed in the bet, it is asked to reduce access to the hospital network as much as possible. It system administrators must also introduce strict identity checks. In other words, all devices and devices that are connected must be framed by careful monitoring. This will have the advantage of determining and blocking in advance any unwanted or unknown device that has connected to the network. The recommendations of the European Security Agency state that the number of staff able to access Wi-Fi must be limited. In addition, access will need to be protected by passwords that are designed in an efficient and robust manner.
5- The establishment of regular computer networks and systems
"Keeping logs on testing and activity on the network makes it easier to trace what happened and how the attackers gained access to the system, as well as to assess what information was compromised. Keeping newspapers safe is one of the most important security tasks," the European agency's document read. What it means, that network and information system administrators, must check the state of their infrastructure. If possible to use external lips. Generally, there are European institutions specialising in computer tools.
Now access an unlimited number of passwords: