Imagine this scenario: A ransomware attack strikes a hospital’s operational technology (OT) systems, gaining access to the building’s HVAC, electrical infrastructure, fire and safety systems, or any number of other OT systems vital to running a hospital. The healthcare facility loses temperature control, experiences electrical outages in its operating rooms or is locked out of its building management capabilities – think: locked doors, no lighting control or even access to fire systems.
These OT systems can then be further exploited to gain access to IT systems, for example to lock staff out of their computers and access Personally Identifiable Information (PII). Medical professionals could lose access to patient files, causing a plethora of operational disruptions and backlogs. Appointments, surgeries and even emergency cases would likely need to be rescheduled or routed to another facility until the affected systems could be restored.
Such a scenario makes it clear why developing and implementing a vigilant OT cybersecurity strategy in healthcare facilities is important.
As healthcare facilities modernize, connected Internet of Things (IoT) devices for OT systems are proliferating rapidly throughout these buildings. Equipped with remote control and monitoring capabilities, these technologies are advancing healthcare buildings into the digital era – which breeds a mixed bag of benefits and drawbacks. Smart, connected buildings drive productivity, operational efficiency and improved response time, but with more devices online, the cyber-threat footprint expands. OT systems are often not perceived as occupying the same risk register as IT systems, and they aren’t always receiving the same level of cyber monitoring or maintenance hygiene.
As a sector rich in sensitive information and crucial operations, healthcare already faces a broad landscape of threats to its IT systems – from phishing and ransomware to third-party risks and medical device security vulnerabilities. It can feel like healthcare facilities are playing cybersecurity triage – injecting funding dollars into IT security, the area that currently appears to need the most protection. As more funding feeds into IT protection, attackers will increasingly turn to OT systems as the soft underbelly of these facilities – and exploitation of even a single vulnerability in OT functionality can destabilize the operations of the facility and, directly or indirectly, threaten patient lives.
While healthcare organizations need to develop a holistic IT-OT cybersecurity strategy that addresses the entire threat profile facing hospital facilities, there’s a strategic first step they should consider: integrate all building management systems into a single platform to aggregate data across disparate systems. This not only enables healthcare facility managers to develop better insights, make more informed decisions and potentially reduce costs, but also vastly improves their ability to manage their cybersecurity risk.
As building connectivity and intelligence grow, healthcare facilities are getting harder to protect from bad actors, which makes it imperative that a building’s OT environment be defended as vigilantly as its IT systems. By understanding OT cybersecurity risks and regularly monitoring the evolving attack vectors, healthcare facility managers can better position themselves to make smarter buys, implement targeted, layered security controls and maintain heightened cyber resilience across their OT environments.