According to MIT Technology Review’s Patrick Howell O’Neill, zero-day events are on the rise. This may be happening because more threat actors are attempting to exploit unknown vulnerabilities, but O’Neill also points out that more hackers are being caught.
It is important to understand what zero-day events are and learn how best to protect your organization from this type of attack.
What, exactly, is a zero-day event?
A zero-day event, often called a zero-day attack or exploit, occurs when threat actors find out about a software security flaw that is unknown to software developers or users and then use that flaw to gain access to computer systems and the data they contain.
These software security flaws could include software bugs, broken algorithms, weak passwords, or lack of encryption.
Hackers use malware, including exploit code, to gain access to vulnerable software systems. It is even possible to buy exploit code, so threat actors do not necessarily have to be software experts to take advantage of an organization’s unknown vulnerabilities.
The term zero-day is used because once hackers have exploited the security flaw, the attack is already underway and there are zero days available to prepare for or mitigate that attack. Zero-day events require an immediate response.
How could a zero-day event affect your healthcare organization?
Zero-day events often go undetected for weeks or even months. While employees are going about their everyday tasks, hackers could be stealing or changing your data, committing identity theft, committing bank fraud using your information, taking control of your hardware and software systems, or installing additional malware.
A zero-day event could lead to patients’ data, including protected health information (PHI), being stolen and leaked. Covered entities, who must demonstrate that they are protecting patient data in order to be considered HIPAA compliant, need to be aware of this issue and take action.
According to a report on zero-day attacks from the Department of Health and Human Services’ Healthcare Sector Cybersecurity Coordination Center (HC3), the average time for an organization that has suffered a zero-day attack to fully deploy the software “patches” that fix the exploited vulnerability is 97 days. That’s a long time to be in such a vulnerable position.
How can healthcare providers protect themselves against zero-day events?
According to HC3, it is impossible to prevent all zero-day events because these cyberattacks exploit unknown software vulnerabilities. However, there are several steps healthcare providers can take to minimize their exposure to a zero-day event.
- Stay up to date on available zero-day event information, using trusted resources such as HC3 and National Security Agency publications
- Immediately download and install all software patches provided by your systems’ developers
- Use a web application firewall and make sure it is always up to date
- Implement Runtime Application Self-Protection (RASP) security software, which monitors calls to a software application and checks the calls for suspicious activity
Healthcare providers should also take steps to ensure that their email is HIPAA compliant to protect their patients’ PHI. Paubox Email Suite Plus encrypts all outgoing emails by default and uses robust inbound security tools to protect your employees’ email inboxes from malicious threats.
Paubox Email Suite is also HITRUST CSF certified, demonstrating that it meets regulatory and industry-defined requirements and appropriately manages risk.
Our products use blanket Transport Layer Security (TLS) encryption and two-factor authentication to safeguard your email. Paubox Email Plus also includes Zero Trust Email, which leverages email AI to authenticate senders’ mail servers.