Every time a new cybersecurity threat makes the headlines, health IT teams work quickly to safeguard their networks. Though this is a necessary aspect of cybersecurity work, it is not the only one. In the scramble to keep data safe, many healthcare organizations are overlooking a serious chink in their network armor.
Despite a cybersecurity team’s best efforts, it is inevitable that a determined attacker will get inside your network. The goal of the initial breach is to spread the attack, and the best way to do that is to steal credentials such as SSH keys. SSH keys are access credentials for the SSH protocol, similar to passwords, prevalent in most Fortune 500 enterprise computing environments.
Just like passwords, SSH keys allow entry into critical infrastructure and proprietary data. Stealing SSH credentials is the way attackers turn a relatively small breach into one of the large multimillion-dollar catastrophes in the news that can cause a healthcare organization’s stock—and reputation—to tank.
Concentrating person power and resources on the most recent type of attack is a focus on tactics with no overarching strategy. Sun Tzu in The Art of War succinctly and poetically describes the outcome of such activity:
Strategy without tactics is the slowest route to victory.
Tactics without strategy is the noise before defeat. – Sun Tzu [Read more…]