Shellshock – New Vulnerability that Healthcare Sector must address now

As the federal tally of major breaches increased to a total of 1074 incidents affecting 33.7 million individuals since 2009, there are more such incidents added to the list every day. Health care organizations on a global scale, though being technologically sound with latest equipment, embedded software and networked environment, are increasingly becoming targets for data breaches.

Use of enhanced technology facilitates them to provide access to vital data across regions for better and faster clinical understanding and increased patient care. Nevertheless, the increase in mobility and accessibility are sadly also the reasons for these organizations being challenged by data breaches. The most recent experience being that of Community Health Systems earlier this year, where the Chinese hackers are believed to have taken advantage of the Heartbleed Open SSL vulnerability and gained access to the data of 4.5 million patients of the hospital chain. Such incidents clearly indicate the wide range of risks faced by the healthcare sector.

A close study by HHS on the breaches showcase hacking as the cause of at least 89 major breaches since 2009; security experts are of the opinion that these incidents are becoming more common posing bigger threats. Besides hacking, insider threats and lack of encryption also cause data breaches. The increase in digitally stored patient information has seen insider threats growing substantially. Though IT leaders work to harden perimeter security the defences, the threat prone environment calls the healthcare organization to take up proactive measures to mitigate the risk posed by the Bash flaws known as Shellshock.

While Shellshock refers to security vulnerabilities in the Bourne-again shell system software known as Bash, it is a common line interface that is used across Unix based systems, including Linux and Apple’s MAC OS. Since Bash exists across the Internet in web servers, email servers, standalone systems, physical security systems, routers and even web cams, researchers are identifying new Shellshock attacks in the wild on a daily basis.

There is every possibility of attackers exploiting the Shellshock flaw to execute shell commands remotely and potentially taking control of the systems in the healthcare sectors. Through the process attackers would dump the stored data and launch automated worms to exploit the vulnerability of a Bash system in a network. Security experts therefore call enterprises across this sector to use systems that can scan Bash flaws and mitigate risks. Most healthcare establishments carry out periodic self-assessment and risk analysis as vital activities to prevent breaches.

However, advanced security solutions such as Aegify SecureGRC and Security Posture Management facilitates these enterprises with an ideal platform to identify this vulnerability and take necessary measures to secure their environment from data breaches.

As a healthcare organization you need to,

Work with vendors to identify all systems that need patching, such as those running Unix, Linux, Mac OS X, and as well as Windows
Monitor and assess all technology dependent medical devices and network devices for patching
Patch Internet-facing systems first as this is the crucial source of Bash flaws
Continuously monitor logs and network traffic over a period to help identify any potential compromised systems

However, as with HIPAA compliance, to ensure complete security, both covered entities and business associates also need to take up proactive measures to handle Shellshock issues, address vulnerabilities and data breaches.

Aegify Security Posture Management, an innovative and completely cloud-based automated and integrated security monitoring and compliance assessment tool helps the healthcare entities to take away the complexity of security posture and compliance management. This tool simplifies the protection of their physical and virtual environment and IT infrastructure from security breaches by cyber attackers while also meeting regulatory requirements. Equipped with distinct features such as continuous security monitoring, vulnerability management engine, physical and virtual network scans, interoperability, re-mediation and multi-layered vulnerability analysis, Aegify’s security solutions provides a complete end-to-end and comprehensive solution to identify security gaps and help enterprises apply related patches or use virtual patching.