Our latest cyber news round up features a report which suggests legacy applications could be posing a serious cyber security risk to hospitals. Elsewhere the UK government is urging innovators to apply for IoT cyber security funding. 

Legacy applications pose serious cyber security risks to hospitals, report finds

A white paper has suggested that legacy applications are posing a serious cyber security risk to hospitals.

The “Legacy Applications: A Healthcare Cybersecurity Nightmare” paper was co-authored by clinical and cyber security consultancy, AbedGraham, and healthcare data management specialists, BridgeHead Software.

It explores the implications that vulnerable legacy applications have for healthcare organisations regarding cyber-attacks.

Following the Wannacry attacks of 2017, and the increase of cyber-crime specifically targeting the healthcare industry, the paper also delves into the clinical, operational, financial and governance risks posed by providers that continue to run and maintain legacy systems, while offering a solution as to how those risks can be mitigated.

Gareth Griffiths, chief technology officer at BridgeHead Software and co-author, said: “Cyber security continues to be top priority for hospitals around the world. As we saw from the Wannacry outbreak, cyber-attacks can have devastating effects for providers. It’s not just limited to the challenges associated with quickly and efficiently recovering systems and data, which is a given; it’s the disruption to hospital operations and critical patient services that create a domino effect.

“From discharge and referral delays, cancellation of elective surgical procedures, the redistribution and transfer of patients to alternative providers, the list goes on. These effects can have a direct bearing on a hospital’s finances, regulatory compliance, legal position, and reputation.”

Innovators encouraged to compete for IoT cyber security funds

Innovate UK has up to £6 million to invest in organisations with ideas that address industry-focused cyber security-related challenges.

The government initiate has launched a competition which aims to solve industry-focused major cyber security-related challenges in the Internet of Things (IoT).

Potential applicants should include a plan to test nearer-to-market interventions and experiments in real environments.

Applications close at midday on 1 May.

Healthcare organisations targeted by email fraudster, report claims

A report by US cybersecurity and compliance company, ProofPoint, has claimed healthcare organisations were targeted in 96 email fraud attacks on average in the last quarter of 2018.

According to the “Email Fraud in Healthcare 2019 Report”, this is a 473 percent jump from the first quarter of 2017.

The report analyses more than 160 billion emails sent across 150 countries in both 2017 and 2018.

Adenike Cosgrove, Cybersecurity Strategist, for Europe, the Middle East and Africa at Proofpoint, said: “Healthcare organisations are high-value targets for cybercriminals due to the large amounts of personal information that they store.

“Unfortunately, these organisations are also extremely vulnerable to email-based attacks as their often-complex supply chains offer multiple opportunities for cybercriminals to insert themselves into various business transactions and trick employees into sharing information or wiring funds.

“It is critical that organisations implement a multi-layered security approach to secure the email gateway and educate employees on cybersecurity best practices. Employees should always confirm the source of all emails that are sent to their personal and corporate email inboxes and be wary of emails that urgently request a password change, patient data, or a link be clicked.”