AI in Healthcare: Protecting the Systems that Protect Us
This blog is extracted from WIRED and written by DARKTRACE
Used for both patient diagnosis and treatment, artificial intelligence (AI) is increasingly being adopted in the healthcare sector. With recent developments enabling AI to outperform expert radiologists at spotting breast cancer and diagnose deadly blood diseases at a faster rate than humans, investment in such technologies is set to increase significantly over the next five years.
The use of AI is improving diagnostics, patient care, and clinical decision support across the medical field. In fact, in light of the current pandemic, industry spending on such technologies is set to reach more than $2 billion in the next five years–a testament to AI’s potential to unlock significant medical breakthroughs. However, AI is also proving crucial in protecting the very systems which power these healthcare advances. With more and more facilities finding themselves reliant on digitalized technologies and IoT devices, having a cybersecurity solution that is able to detect, neutralize, and defend against cyberattacks in medical environments is vital.
There Is More Than Just Data At Risk
Indeed, the healthcare sector is not immune to attack. In 2017, the targeted ransomware campaign WannaCry crippled parts of the UK’s National Health Service for days on end, and in 2019, a malicious insider leaked the personal data of thousands of HIV patients in Singapore. And now, as we find ourselves in the middle of a pandemic, the task of protecting hospitals’ data systems–which hold everything from patient medical records to information about critical suppliers–has taken on renewed importance. Data breaches or system downtime must be avoided at all costs.
However, attacks against the healthcare sector are on the rise. This month, Interpol issued a warning that cyberattacks are increasingly targeting medical systems, with ransoms demanded ranging from $1,600 to $14,000,000. Not only is recovering critical data financially prohibitive, but the healthcare sector simply cannot tolerate the disruption. While cybersecurity incidents are often seen as technical matters, dealt with by back-office staff, the effects of a successful attack are felt at every level of the front line, resulting in unacceptable delays in treatments, failures in diagnostic decisions, and sometimes death.
The paralysis of computers inflicted by ransomware doesn’t stop at managers’ and administrators’ desktops either. In the age of IoT, a multitude of devices–including medical equipment such as ‘smart’ pacemakers and insulin pumps–are now increasingly hooked up to the Internet. These same devices are often the most vulnerable. Indeed, in the rush to get new medical equipment to market, cybersecurity protections are frequently overlooked, leading to unfixed vulnerabilities. The FDA has issued a number of recent recalls and warnings after such flaws were discovered, in a push to improve the default security standards of these apparatus. But, the reality is that no device or network is ever free from weakness, or safe from attack.
The Next Step: Anticipating Vulnerabilities, Not Just Repairing Them
Even the most fastidious security team will struggle to keep attackers out by simply keeping their systems updated and patched; threat actors are constantly finding new ways in. And when the attacker does get in, the speed at which the malware is executed often outpaces the security teams tasked with responding to them. This is not a problem that will be solved by simply hiring more people; when the threat moves at machine-speed, the response effort must do the same.
Faced with this dilemma, organizations are increasingly relying on AI to perform cybersecurity functions, often working autonomously when no human security person is on hand. Today’s cybersecurity AI is capable of not only understanding the difference between normal activity on the network and the work of a malicious hacker, but it can issue an immediate response that stops the spread of that attack–critical in fighting the ransomware that is a dominant concern for the industry now.
So-called “cyber AI” works by analyzing data flows within technology systems, and building an understanding of what is “normal” and “abnormal” for each user, computer, and device. Developed by the AI company Darktrace, the approach is analogous to the human immune system–fighting off a novel virus through an understanding “self.” It has been highly successful in identifying some of the most sophisticated cyberattacks in the last five years, from the WannaCry ransomware campaign to the intelligence gathering of foreign nation-state actors. The attacker might get inside, but they are caught early on, before they can do damage.
Cyber AI Is Most Effective When You Barely Notice It
Yet detecting the attack is only half the battle. Just as our antibodies mount responses to harmful bacteria and viruses, so too must cybersecurity systems react once a threat is discovered. And the course of action must be proportionate–enough to stop the attack, but not too extreme as to disrupt the rest of the organization. Good security means “business as usual” is supported. Cyber AI walks this fine line, automatically investigating incidents that have been detected and taking targeted action to stop them as soon as they arise. Meanwhile, the security team can get on with other higher-value tasks–AI has their backs in the seconds and minutes that count, as a cyber-incident unfolds.
With coronavirus patient numbers rising, uninterrupted access to the systems and data that enable medical professionals to do their jobs must be a priority. The greatest threat to our society in a generation demands the very best defense across every corner of the battlefield. Just as healthcare workers require personal protective equipment to safeguard them from this deadly disease, we should be demanding that the security of critical information networks is also prioritized.
Now more than ever, artificial intelligence will be critical to that task as the healthcare sector battles against increasingly advanced threats. The front line depends on it.
To find out more, visit Darktrace’s website.