Page 116 - Cyber Defense eMagazine July 2024

exploit endpoint vulnerabilities. As threats like Black Basta continue to evolve, employing advanced
tactics such as spear phishing and exploiting critical vulnerabilities within commonly used software, the
emphasis on robust endpoint security and comprehensive threat prevention strategies has never been
more important.




Security Begins at the System Level

To use preventative endpoint security, healthcare organizations require a proactive and secure operating
system (OS) on all employee endpoints. A secure OS will significantly reduce the risk of an attack
succeeding through human error or stolen credentials.

When looking for a secure OS, ensure it will effectively minimize the attack surface by removing the
vulnerabilities at the endpoint that cyber-criminals target. To deliver the greatest protection, a secure
OS should:

   •  Ensure that no local data is stored at the endpoint, which prevents the download of potentially
      malicious attachments or code to the endpoint.
   •  Be read-only, so that malicious changes cannot be made to the OS itself.
   •  Deliver a secure boot process, cryptographically checking each operating system module and
      resetting the OS to a known secure state should tampering be detected.
   •  Integrate with MFA and SSO, including Microsoft Entra ID, Imprivata, Okta, Ping and AuthX, to
      reduce the potential of stolen credential attacks while keeping clinical workflows optimal.
   •  Support a modular design to reduce the endpoint attack surface by only deploying the necessary
      software components and applications.



Using a secure OS removes a critical part of the attack chain: it eliminates the endpoint as an attack
vector, and its integration with MFA solutions reduces the chances of stolen credential attacks. That said,
user education will always be a critical aspect of any security planning and should not be ignored.

To truly protect our healthcare systems from threat actors like Black Basta, organizations must take a
multifaceted approach, heeding the advice from CISA and investing in proactive approaches such as the
IGEL Preventative Security Model.

















Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.