Machine Learning & Artificial Intelligence is Key to Fighting Ransomware in Healthcare
Every once in a while the world wakes up to the news of yet another data breach of incredible proportion, providing a crude reminder that healthcare IT systems are not as secure as they should be.
Some black hat hackers sell stolen data in bulk on the dark Web while others use a technique called credential stuffing to automatically force authentication on targeted domains. But regardless of how the stolen data gets used, one thing is for certain: increasingly bigger cyber data breaches and thefts are clear indicators that passwords used on their own are an inadequate way to ensure security. Instead, passwords should be used in addition to data encryption, guaranteeing that even if data is stolen it can’t be used by any other entity—hacker or competing organization.
The reality is, passwords really haven’t been an effective security control method for a very long time. Some organizations are fully aware of this and are taking steps towards moving away from passwords to more sophisticated ways of confirming authentication through artificial intelligence.
So, what if we got rid of the long-outdated password? Are we right to trust AI with a task as important as healthcare security? And what is the ongoing role of encryption since many healthcare systems still store data as plain text on easily hacked mainframe servers?
The possibility for machine learning in cybersecurity
Machine learning is making tremendous progress in many industries that lean heavily on forecasting activity. The healthcare insurance provider Aetna is a good example of an early adopter. The company decided to make passwords optional and instead rely on machine learning tools to build a behavior-based security system that allow users to add biometric protection on their devices.
This innovative security system works by letting users choose from a list of biometric factors that are analyzed by a risk engine. The risk engine takes into account device attributes (OS version, hardware configuration, software changes) as well as customer behavior (how a mobile is held when making a call or texting) to decide if the potential user matches the established identity.
AI could be a feasible solution
Artificial intelligence already exceeds the smartest human’s capabilities by leaps and bounds. Imagine a human being filtering through massive amounts of information while keeping on top of all that data – It’s simply not possible. It’s a simple task for AI, however, and it can do it on a 24/7/365 basis without taking breaks for sleeping, eating and spending time with family while keeping patterns of different attacks and blocking them by pattern matching. However, some experts believe the widespread use of artificial intelligence will lead to an increase in social engineering attacks, network penetrations and cyber-attacks. In era of AI the best defense against AI-enabled attacks is by using AI. In the end, it all depends on which side they are on. An AI can be used to detect patterns and defend infrastructure, however, it’s just as effective in increasing the attack surface that hackers can target.
Governments and large corporations are already deploying AI systems to help with cyber security defense, using behavioral analytics to identify abnormalities among millions of interactions of expected behavior—something that would be nearly impossible for a human to achieve.
Unfortunately, every system can be exploited, AIs included. Cybersecurity is a constant battle where every system is at risk of attack—regardless of the perceived value of the data stored on it. However, as attackers use to AI systems for cyber-attacks, cyber security experts can deploy new countermeasures meant to keep them at bay. It’s a constant cat and mouse game where AI is seen as a huge asset in the war for digital data.
New era of technology
The problem with large organizations is they must be operational while protecting their infrastructure. The technology required to combat these challenges cannot be based on legacy systems that dominate healthcare industry at this point. Specifically, given privacy and compliance concerns, the healthcare industry needs state-of-the-art infrastructure with top-of-the-line security, and fortunately, most cyber security companies provide Next-Gen Network Firewalls, IPS and IDPS system, Application firewalls, Next-Gen Endpoint security and new secure operating systems with encryption from hardware to software. Most even offer identity and access control with multifactor authentication.
All these components make up the next generation technology that is needed to fight modern cyber-attacks.
Let’s start with simple upgrades
Beyond this next-generation technology, pattern matching and algorithms that use machine learning heavily are already showing promising results in the market. Two factor authentication can defeat many phishing social engineering attacks, because even if the password is compromised the end factor token is needed to access a resource hence stopping an unauthorized access to network.
Until machine learning and AI becomes the norm, every organization should enable two factor authentication–even in legacy systems. These are achievable with very small effort and reduce the surface attack drastically. However, two factor authentication is just the first step. A new technology road map should be prepared to plan and upgrade to fight for future cyber-attacks.