By Elizabeth Snell

March 15, 2017 - Healthcare is facing more ransomware threats every day, and is a prime target for such attacks. However, the Institute for Critical Infrastructure Technology (ICIT) explained in a recent paper that artificial intelligence could greatly aid organizations in creating stronger cybersecurity defenses.

ICIT stated in “How to Crush the Health Sector’s Ransomware Pandemic: The Machine Learning Based Artificial Intelligence Revolution Starts Now!” that machine learning based AI throughout the Internet of Things (IoT) microcosm could help detect, respond to, and predict threats.

“The healthcare industry is the primary perpetual target of cyber attackers due to the massive amounts of disparate data collected, stored, and inadequately protected,” wrote lead author ICIT Senior Fellow James Scott. “Early adoption of sophisticated algorithmic defenses such as machine learning or artificial intelligence solutions will transform healthcare cyber defenses beyond the capabilities of average attackers.”

Healthcare is already utilizing cognitive and AI solutions for big data analytics and for clinical applications, Scott added. It’s now necessary for healthcare “to responsibly protect its patients and their data by adopting algorithmic defense solutions.”

“The application of machine learning and artificial intelligence solutions to health IT infrastructures is going to rapidly transform the sector by providing a mechanism through which providers and vendors can protect clinical health data that is stored locally or in the cloud,” the report noted.

However, healthcare organizations must ensure that they find sophisticated solutions from reputable vendors.

ICIT Fellow Rob Bathurst pointed out in the report that AI solutions need proper knowledge, planning, and execution. Otherwise, AI solutions could potentially require additional cloud computing resources or even expose sensitive files for analysis.

“Artificial Intelligence is not the panacea or the solution to all problems in healthcare with regards to cyber security, but highly focused applications of Machine Learning can result in a much greater protection for organizations and patients,” Bathurst noted.

ICIT also observed how machine learning could be beneficial as healthcare is utilizing medical equipment (i.e. pacemakers, insulin pumps, defibrillators) that could potentially vulnerable to cyber attacks.

ICIT Fellow David McNeely explained that these types of learning systems could “identify patterns of normal usage and alert or flag events that are out of the ordinary.”

Machine learning could also be used “to calculate a risk score for specific events as they happen based on the similarity or not to the normal behavior observed for the user performing the specific events,” McNeely said.

“Once the risk score has been determined in realtime, the system can use this during a login event to either grant the access for a low-risk event or to challenge for Multi Factor Authentication [MFA] or possibly block the access for high-risk events,” stated McNeely. “In this way, the system enables IT to apply MFA more liberally across infrastructure and applications since the machine learning system will make decisions of risk which determine if MFA will actually be applied or not.”

Overall, healthcare organizations must practice good cyber hygiene, according to the ICIT report. Patching vulnerabilities, security by design, threat hunting, and machine learning-based AI can all be essential tools in fighting against evolving cybersecurity threats.

With other recent reports showing the increase in healthcare ransomware attacks, it’s essential for organizations to put necessary data security measures in place.

Healthcare ransomware attacks will double by 2018, according to IDC FutureScape: Worldwide Healthcare IT 2017 Predictions.

IDC also predicted that the next three years will be focused on adopting disruptive technologies that will enable healthcare digital transformation. An increase in internet of things (IoT) technology will also lead to the convergence of mobile, social, and sensors. This is also a specific driver for the increase in healthcare ransomware attacks.

Lynne Dunbrack, research president of IDC Health Insights, told HealthITSecurity.com in a 2016 interview that healthcare must find the right balance between innovation and security.

Organizations need to ensure that they are not impeding themselves when it comes to making necessary investments in needed innovations.

For example, providers may focus on engaging consumers and providing innovative technology to make it easier for clinicians to do their jobs, particularly around making EHR improvements.

“It’s about walking that line between ensuring that that innovation is secure, but that we’re also being able to move forward with new technologies as well,” Dunbrack stated.