Attack Types & Vectors, Security

Hospitals Can Take More Than Your Organs

August 30, 2017 — by Louis Scialabba


You went to the hospital to get your appendix out and one week later your identity was taken from you as well.  How did this happen? In all likelihood, you can thank a hospital worker.

In its 2019 Data Breach Investigations Report, Verizon found that the majority of data breaches in healthcare are associated with internal bad actors, and result from ransomware and phishing attacks. For the second straight year, Verizon reported that ransomware incidents accounted for over 70 percent of all malware outbreaks in the healthcare vertical.

A Growing Epidemic

Per a HealthCareDive brief, almost 32 million patient records were breached in the first half of 2019 — more than double the records breached in all of 2018. And according to Health IT Security, the top ten healthcare breaches in 2019 (so far) have seen more than 200,000 records breached at a time. These are massive numbers.

In July 2019 alone, 42 separate hacking incidents led to the exposure of 22 million people’s healthcare data. There was only one higher month ever measured – February 2015 – when the Anthem breach exposed the data of nearly 80 million members.

Small hospitals, doctor’s offices, and clinics do a great job at making us well, which is their primary focus; cyber attacks on electronic health records have historically not been top of mind. That needs to change, and the sooner the better.

Although healthcare entities have taken small steps in protecting sensitive data, attacks continue to get more and more complex and can initiate from both the outside and inside of an organization.

Per the above-referenced Verizon report, the “healthcare industry is not immune to the same illnesses we see in other verticals such as the very common scenario of phishing emails sent to dupe users into clicking and entering their email credentials on a phony site. The freshly stolen login information is then used to access the user’s cloud-based mail account, and any patient data that is chilling in the Inbox, or Sent Items, or other folder for that matter is considered compromised – and it’s disclosure time.”

Deadly Impacts

Just as small enterprises everywhere are searching for ways to shore up their protection and avoid business disruptions, healthcare organizations have an obligation to protect their business and their patients’ sensitive information — it could very well be a matter of life and death.

A Vanderbilt University researcher posited that mortality rates rise in the aftermath of a cyber attack, thanks in part to corresponding disruptions to medical services and delays in providing treatment. The researcher estimated that healthcare data breaches may cause as many as 2,100 deaths per year in the U.S.

Just think: What would happen if someone hacked into your pacemaker or insulin pump? The threat is so real that former Vice President Dick Cheney revealed on CBS’s “60 Minutes” in 2013 that he had the wireless capability on his pacemaker disabled.

A Prime Opportunity for Service Providers

Good help can be hard to find, especially when it comes to experts in the complex field of cybersecurity.  Carriers who are experienced (either by themselves or with partners) in protecting their infrastructure and offering services to small- and medium-sized businesses can benefit from new revenue streams by offering security solutions to the healthcare sector.

There are three major ways a Service Provider can get into the business of selling an MSSP service:

  1. White label an existing service. This is the least risky of the options, and requires no upfront capital. It’s also the fastest way to bring a service to the market. The carrier gets to focus on sales, marketing, and back-office support, but delegates the security expertise and the technology to a partner. This can be sold as a part of connectivity or compute/storage services as part of a high-value bundle.
  2. Build your own service. This takes the most time, capital, and resources, but also offers the highest margins and overall NPV. If you have an in-house IT team that can operate and manage a network security solution, you can maximize your return on investment.
  3. Get the best of both worlds. A third option is to start with a white-labeled service before transitioning to managing it in-house. You forgo large capital expenditures up front so you can focus on marketing and selling the service while building back-office operations and expertise. You’ll be able to quickly serve customers and gauge enthusiasm while planning to migrate operations in-house over time to recognize the large profit streams in the later years.

This post was updated on September 13, 2019.

Attack Types & Vectors, DDoS, Security

Eliminating Single Points of Failure, Part 2

July 6, 2017 — by Louis Scialabba


The Risk DDoS Attacks Pose to Enterprises

What is the impact of a DDoS Attack?

Denial of Service attacks affect enterprises from all sectors (e-gaming, banking, government, etc.), of all sizes (mid-sized and big enterprises), and in all locations. They target the network layer up through the application layer, where attacks are more difficult to detect since they can easily be confused with legitimate traffic.
A denial of service attack generates high- or low-rate attack traffic that exhausts the computing resources of a target, thereby preventing legitimate users from accessing the website. A DDoS attack can always cause an outage, but often it has the stealthier impact of slowing down network performance in a way that enterprise IT teams do not even realize the network is under attack; they simply think the network is congested, not knowing the congestion is actually caused by an attack.

Attack Types & Vectors, Security

Eliminating Single Points of Failure, Part 1

June 21, 2017 — by Louis Scialabba


The Risk DDoS Attacks Pose to Enterprises

The Role of the Firewall

A firewall is a necessary first step in protecting an enterprise network: it establishes a barrier between a trusted, secure internal network and an untrusted outside network such as the Internet. Firewalls have evolved considerably over the years; next-generation firewalls add application-aware filtering and intrusion detection capabilities that help customers improve their first line of defense. However, DDoS attacks are one vector where firewalls are commonly the point of failure. In fact, Radware’s own research shows that the firewall is the cause of downtime during DDoS attacks roughly one-third of the time. The reason is the stateful nature of these devices, which must keep track of open sessions and transactions on the network. Maintaining session state consumes session-table entries and CPU resources that are finite and are also needed for other security features. Under attack, therefore, the session table can be exhausted, causing the firewall to fail.

Application Delivery, Security, Service Provider

Mobile World Congress – Is It Over Yet?

March 14, 2017 — by Louis Scialabba


Four Days. Four days is what it takes for 108,000 technologists to gather in the enchanting city of Barcelona to tell the world what they can expect to experience in the future of mobile communications. Four days is also about the number of days it takes to recover from sleep deprivation, work backlog, and the general buzz that one experiences by being part of a spectacle as grand and electrifying as Mobile World Congress.

The nice part about reflecting on MWC 2017 is that it is very easy to select a handful of themes that permeated throughout all the exhibition halls, keynotes, and hallway chatter. For me, this is the list: IoT, 5G, Virtualization, and Artificial Intelligence.

Application Delivery, NFV

Eliminate the Service Roll-Out Bottleneck with NFV

February 22, 2016 — by Louis Scialabba


Big-bandwidth applications are the tools your customers rely on to get things done. They don’t have time to wait through the typical six months of lead time needed for you to roll out new services on your traditional network built with proprietary “big iron” hardware.

The good news is that most carriers have begun the process of testing Network Function Virtualization (NFV) as a way to make network and service provisioning faster, more flexible and ultimately more profitable.


Why You Should Plan Now for SDN-Enabled Network Security

October 14, 2015 — by Louis Scialabba

Software Defined Networking (SDN) is a hot topic for carriers, and most service providers are somewhere in the process of figuring out how to take advantage of this technology. SDN’s design can help to overcome the network challenges that accompanied the explosive growth of video, mobility and cloud services. Major Tier 1 telecoms across the globe are already implementing capabilities to reduce costs and add more flexibility to their managed services.

Attack Types & Vectors, Hacks, Security, SSL

How Application Attacks Take Advantage of Holes in Legacy Network Security Solutions

September 16, 2015 — by Louis Scialabba

The attacks that get the most news coverage have dramatic names that make for compelling headlines. You can practically feel the intensity of brute force or volumetric DDoS attacks. These attacks target layers 1-4 of operator networks, the layers where data is moved around in the network. But there’s a troubling blind spot in legacy network security solutions that enables hackers to go deeper into the operator’s network – all the way through to Layer 7, the application layer.


Poor Application Attack Visibility is a Major Threat to Carrier Network Security

August 10, 2015 — by Louis Scialabba

If you own, operate, or even consume a carrier-grade communications network, it’s a safe bet you are under attack right now.  Attack motivations and attack tactics may vary, but one consistency is that high profile, sophisticated attacks on carrier networks are increasing – in both number and severity.  Attackers are getting in and causing slow-downs in network speed and performance, service outages and worse.