Healthcare Risks: Unprotected Databases, 'Shadow IT'David Sygula of CybelAngel Describes Study of Security Issues
Attackers targeting the healthcare sector are frequently exploiting unprotected internet-facing databases and unsecured network devices, including "shadow IT," says David Sygula, a senior analyst at the security vendor CybelAngel. He led a recent study examining ransomware and other cyberattacks on French hospitals and other healthcare providers.
"You really need to pay attention to your network; there could be a lot of entry points," he notes. For example, he points out, "Sometimes you have a web platform that allows anyone to connect because it lacks a login portal, or it allows people to get documents from your file servers because they are not protected well enough, allowing anyone with guest access to log in."
In this interview with Information Security Media Group (see audio link below photo), Sygula also discusses:
- Additional findings from the CybelAngel study examining recent cyberattacks on French hospitals and how those trends are similar to trends in the U.S.;
- Other security issues involving IoT devices, network-attached storage and medical equipment;
- Stolen credentials found for sale on the dark web.
Sygula is a senior cybersecurity analyst at CybelAngel who works to identify sensitive data exposed on the internet that could be exploited for malicious purposes. Prior to CybelAngel, he served in a variety of roles in the IT industry for over 10 years.