There’s a lot of chat around supply chain delays in the lead-up to Christmas, but we wanted to bring your attention to a threat with a similar name. Today, we are talking about supply chain attacks.
We are going to run through what these challenges mean to your business and how you can keep your organisation secure.
What is a supply chain attack?
A supply chain attack transpires when a cybercriminal targets an organisation via security vulnerabilities in its supply chain. However, this vendor or provider is not the primary target. Instead, the malicious actor uses them as a conduit to target their user network. Using this method, a cyberattack can infiltrate multiple different organisations at once to access their data.
One example that the Australian Cyber Security Centre (ACSC) flagged in their Annual Cyber Threat Report 2020-21 occurs when actors target software vendors and covertly alter the software to embed malicious code. If the threat is not identified, it can be released to thousands of organisations and installed as a patch or upgrade to their existing software.
Why are health organisations being targeted?
The health industry is often a victim of supply chain attacks due to the value of personal health information. With an increase in digital records and a move towards integrated patient care, more service providers and suppliers have contact with sensitive patient data than ever before. Coupled with the shift towards telehealth consultations, a health organisation’s attack surface or vulnerability is expanding.
While medical clinics are not often the end target of the attacks themselves, they are used to access other larger companies like hospitals. In this scenario, the cybercriminals exploit the clinic’s network to penetrate the hospitals, patients, and suppliers that the clinic works with on a day-to-day basis. Imagine needing to contact every patient, colleague, partner, supplier and hospital in your network to let them know that your system has inadvertently sent out a virus, revealing their client’s sensitive data. It would be a tough conversation!
Thankfully, there are processes that you can put in place to avoid this scenario.
How can you avoid an attack?
The key to keeping your clinical data secure is to have a proactive approach to threat identification and take steps to reduce your vulnerability. The following considerations will assist:
- Cyber security awareness
Can your team easily identify a ransomware threat or phishing email? Regular cyber security training and awareness is crucial to ensure that your staff are alert and able to identify a potential attack.
- Visibility and control of your vendor network
You may have a large number of vendors in your extended supplier network. Maintaining a transparent and up-to-date record of the service providers you interact with assists in security management and tracking.
- Controlling administrative permissions
Minimising access to administrative permissions helps to reduce the attack surface on your systems. As part of our Security Stack, we conduct regular reviews to revalidate admin access and ensure it is up-to-date.
- Network segmentation and limited access
Suppliers and contractors generally do not need access to all of your systems and files. By segmenting access to limit the documents they see and can interact with, you can help to protect more sensitive information.
- Blocking malicious code
Malicious code can worm its way into your organisation through ads, Flash and Java. However, you can block it from penetrating your systems by uninstalling Flash, disabling at-risk features, and configuring your web browsers.
- Regular network monitoring
Networking monitoring can help you optimise your network and detect any devices that might compromise your network, and alert administrators. For this reason, regular network monitoring is recommended to avoid supply chain attacks.
- Endpoint Management
You may have had staff working from home throughout the pandemic, whether on a work laptop or their own device. Poor endpoint management can leave your organisation open to a range of threats, so it is crucial to have a strategy in place to ensure these devices are secure.
If you are unsure about whether you are doing all of the above, Health IT is happy to talk you through it. And rest assured that if you have our Proactive Services package or have implemented our Security Stack, we are already taking care of it for you.
The ACSC has also expanded their Australian Cyber Security Hotline (1300 CYBER1) in response to the increase in cybercrime reports last year. You can ring them 24 hours a day, seven days a week, or cyber security help, advice and technical assistance. They have also added new learning resources at https://www.cyber.gov.au/learn