On Wednesday, August 14th, 2024, Dr. Tedros Adhanom Ghebreyesus, the WHO’s Director-General, “declares Mpox outbreaks in Africa a global health emergency as a new form of the virus spreads”. In his statement, he noted that “The emergence of a new clade of Mpox, its rapid spread in eastern DRC, and the reporting of cases in several neighboring countries are very worrying. On top of outbreaks of other Mpox clades in DRC and other countries in Africa, it’s clear that a coordinated international response is needed to stop these outbreaks and save lives.” This came right after the Africa CDC Epidemic Intelligence Weekly Report for 9th August 2024, which indicated cases in 5 African countries, with 4 (Burundi, Central African Republic, DRC, South Africa) rated high risk to humans and 1 (Congo Republic) rated moderate.
With the recent WHO and Africa CDC announcements on Mpox, there’s no doubt that the IT infrastructures of most (if not all) NPHIs (National Public Health Institutes) will see a spike in data flow and traffic. What does that mean for IT and security experts in public health facilities? That question should resonate with every security-focused individual.
It’s no longer news that public health has taken a number of hits from malicious actors, including in some of the affected states: South Africa’s National Health Laboratory Services (NHLS) suffered a severe data breach due to a ransomware attack, marking one of the most significant cyber incidents in the country’s public health sector. This came right after hospital hackers published stolen test data and NHS numbers. Recently, there was also the leak of 2.7 billion data records with Social Security numbers.
Cybersecurity Ventures predicts that the global annual cost of cybercrime will soar to $9.5 trillion by 2024. This staggering figure is expected to rise further to $10.5 trillion by 2025, highlighting the escalating financial impact of cyberattacks.
According to the 2023 Veritas data risk management report, 76% of healthcare organizations globally have encountered successful ransomware attacks, and 65% have suffered data loss from other types of attacks. Additionally, nearly half (43%) of these organizations prioritize data security as their main risk. Ransomware attacks have become increasingly pervasive, with over 72% of businesses worldwide experiencing their devastating effects in 2023. This represents a substantial rise in the prevalence of such attacks.
Challenges Faced by IT Infrastructures in NPHIs During Health Emergencies
NPHIs face a unique set of challenges when managing IT infrastructure during health emergencies. Some of the most common issues include:
1. Increased Workload
- Surge in data traffic: A sudden influx of data from various sources, such as surveillance data, epidemiological reports, and patient records from health facilities can overwhelm systems.
- Demand for new applications: Rapidly developing situations often necessitate new applications or modifications to existing ones, placing additional strain on IT resources.
2. Resource Constraints
- Limited budget: NPHIs often operate with limited budgets, making investing in cutting-edge technology and infrastructure difficult.
- Staff shortages: Health emergencies can lead to staff redeployment, leaving IT teams understaffed and struggling to manage increased workloads.
- Competencies: Many NPHIs face a competency gap in their IT staff. While having sufficient personnel is important, it’s equally crucial that these staff possess the necessary skills and knowledge to effectively address the unique challenges that arise during health emergencies.
3. Security Threats
- Cyberattacks: Increased vulnerability to cyberattacks due to the sensitive nature of health data and the potential for system weaknesses under pressure.
- Data breaches: The risk of data breaches is heightened as more data is collected, stored, and shared.
4. Interoperability Issues
- Data exchange challenges: Difficulties in sharing data between different health systems and organizations can hinder the effective response to the emergency.
- System compatibility problems: Incompatible systems can create data analysis and decision-making obstacles.
- Lack of data-sharing policies/suboptimal implementation of data policies: Inadequate or non-existent data-sharing policies hinder interoperability within NPHIs and with other agencies. Even when policies exist, their implementation often faces challenges, leading to inconsistencies and inefficiencies.
5. Infrastructure Reliability
- System failures: Overloaded systems can experience failures, leading to disruptions in critical services.
- Power outages: Unreliable power supply can compromise IT operations and data integrity.
- Internet Connectivity: Internet connectivity can be a major challenge for NPHIs, particularly when relying on data from remote facilities. Poor or unreliable internet connections can hinder data transmission, leading to delays, inaccuracies, and disruptions in critical services.
Security Measures for NPHIs
In light of current trends, the question is not whether a public health facility will face a cyberattack, but when. To proactively mitigate threats, IT and security experts in these facilities must take measures to minimize risk and prevent breaches. Losing public health data would be catastrophic for any NPHI, so readiness to recover swiftly and having robust data backup strategies are essential.
Below are other steps to help reduce the threat level:
- Strengthening Infrastructure:
- Combine load balancing and DDoS protection to handle increased traffic:
- NPHIs can create a resilient IT infrastructure capable of handling increased traffic by introducing a load balancer to distribute requests across servers, preventing overload.
- In order to withstand cyber attacks from spikes in requests, DDoS protection is important. DDoS protection mitigates attacks by identifying and blocking malicious traffic.
- Test Disaster Recovery Plans (DRPs):
- A DRP may look great on paper, but if you don’t test it frequently, you don’t know whether it will hold up when a real disaster strikes. It is important to have a DRP and regularly simulate disaster scenarios to validate the effectiveness of your recovery plans.
- Identify your peculiar issue: Every country/region has issues peculiar to it, so a one-size-fits-all approach cannot apply; it’s important to localize your SOP based on your peculiarities.
- Create or Practice good security hygiene: Proactive measures need to be taken to prevent security breaches and protect an NPHI’s IT infrastructure. These measures include:
- Regularly updating software and applying security patches.
- Back Up and Disperse Your Data: Adhering to the backup policy as pointed out by Druva is crucial to any organization.
- Enforce strong, unique passwords and enable multi-factor authentication.
- Educate and Train: Humans are always the weakest link, so they are intertwined with both the problem and the solution in most cases. Training and awareness programs therefore become paramount in fostering cybersecurity consciousness.
- Follow good data handling practices: This involves how data is collected, processed, stored, and shared.
- Data Minimization: Collect only necessary data to reduce risk.
- Encryption: Protect sensitive data in all states (at rest and in transit) using encryption algorithms.
- Access Controls: Limit access to authorized personnel.
- Data Retention Policies: Define how long data is retained.
- Secure Disposal: Properly dispose of data to prevent leaks.
- Invest in technology: Leaders should prioritize investing in advanced security technologies like firewalls, anti-spoofing tools, anti-malware tools, email verification software, and intrusion detection systems that use AI and machine learning for predictive threat analysis and response which can help to improve protection.
- Collaboration and Information Sharing: Public health organizations should foster collaboration and information sharing with healthcare entities, governmental bodies, and cybersecurity professionals. By exchanging knowledge, experiences, and best practices, they enhance collective resilience and address shared vulnerabilities within the sector.
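The data handling practices listed above (data minimization, limiting who sees identifiers, and retention) can be enforced in code at the point where records leave the NPHI. The following is an added example, not part of the original article; the field names, the five-year retention period, and the use of a keyed hash (HMAC-SHA256) to pseudonymize patient identifiers are assumptions chosen for illustration.

```python
import hashlib
import hmac
from datetime import date, timedelta

# Assumed policy values for illustration; set these from your own SOP.
SHARE_FIELDS = {"report_date", "district", "lab_result"}  # fields a partner needs
RETENTION = timedelta(days=5 * 365)                        # hypothetical retention period

def pseudonymize(identifier: str, key: bytes) -> str:
    """Keyed hash: the same patient links across reports, the raw ID never leaves."""
    return hmac.new(key, identifier.encode(), hashlib.sha256).hexdigest()[:16]

def minimize(record: dict, key: bytes) -> dict:
    """Build the record that is shared: allowlisted fields only, no direct identifiers."""
    shared = {k: v for k, v in record.items() if k in SHARE_FIELDS}
    shared["patient_ref"] = pseudonymize(record["national_id"], key)
    decade = (record["age"] // 10) * 10
    shared["age_band"] = f"{decade}-{decade + 9}"  # coarse band instead of exact age
    return shared

def split_by_retention(records: list, today: date) -> tuple:
    """Separate records still inside the retention period from those due for disposal."""
    keep = [r for r in records if today - r["report_date"] <= RETENTION]
    dispose = [r for r in records if today - r["report_date"] > RETENTION]
    return keep, dispose

# Constructed sample records (not real data).
SAMPLE = [
    {"national_id": "ID-0001", "name": "A. Example", "phone": "000-0000", "age": 34,
     "district": "District A", "report_date": date(2024, 8, 9), "lab_result": "positive"},
    {"national_id": "ID-0001", "name": "A. Example", "phone": "000-0000", "age": 34,
     "district": "District A", "report_date": date(2024, 8, 12), "lab_result": "negative"},
    {"national_id": "ID-0002", "name": "B. Example", "phone": "000-0001", "age": 7,
     "district": "District B", "report_date": date(2018, 1, 1), "lab_result": "negative"},
]
DEMO_KEY = b"constructed-demo-key"  # placeholder; load the real key from a secrets store

if __name__ == "__main__":
    keep, dispose = split_by_retention(SAMPLE, today=date(2024, 8, 14))
    for rec in keep:
        print(minimize(rec, DEMO_KEY))
    print(f"{len(dispose)} record(s) past retention, queue for secure disposal")
```

The pseudonymization key must stay inside the NPHI: anyone holding it can recompute references from known identifiers.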
Steps to addressing
According to Stanford Research, about 88% of data breaches are caused by human error, and 91% of all cyber attacks originate from phishing emails. NPHIs have access to excellent free tools provided by cybersecurity company KnowBe4. IT units or departments can utilize these tools to test their systems and identify areas for improvement, preventing minor issues from escalating into major attacks.
Conclusion
While data sharing among public health workers is crucial, there’s also a need for collaboration between IT experts and other NPHI staff. Vigilance against phishing attacks is essential—such as recognizing suspicious emails and promptly reporting them to the IT security team—to prevent breaches.
Regular cybersecurity training is crucial to equip staff with the knowledge to identify and prevent threats. These trainings educate staff about the latest threats and policies to mitigate risks. Investing in up-to-date security measures is vital to secure NPHI systems and data from cyberattacks.
The increasing frequency and sophistication of cyberattacks targeting healthcare organizations underscore the urgent need for robust cybersecurity measures. NPHIs must prioritize cybersecurity to protect public health data and ensure the continuity of essential health services.
Co-Author: Abiola Oshunniyi