Malware in healthcare – training and protecting life-saving AI cybersecurity tools

The healthcare industry accounts for a significant number of the world’s reported data breaches and other kinds of cyberattack, with over 81% of UK healthcare organisations having faced a ransomware attack and almost half of US hospitals being forced to shut down their networks in 2021. Here, we explore the game-changing potential of AI to prevent even zero-day malware and address two of the most common questions around patenting AI-based cybersecurity technologies.

The zero-day malware threat

As an increasingly data-driven industry, dependent on remote networked devices — which, in turn, depend on an effective and secure telecommunications infrastructure — healthcare presents many attack vectors for cyber criminals to exploit.

Among the biggest threats is malware, which can cause medical devices to malfunction or provide unpredictable data and performance. Since zero-day malware exploits unknown and previously unprotected vulnerabilities, developers can often gain access to systems faster than patches can be deployed.

This speed means that techniques such as patch management, signature-based detection and exploit detection can be blunt instruments, as they assume knowledge of the vulnerability and where it lies. This is where AI comes in.

Characteristics vs signatures

AI-based tools can be trained to target characteristics of malware, rather than signatures, enabling the identification of anomalous behaviour instead of relying on known properties.

As an example, if the AI detects a piece of software that is designed to rapidly encrypt many files at once, this indicates that it could be malware — even if signature-based detection did not recognise a threat.

For healthcare systems, AI has life-saving potential, providing a better chance of identifying zero-day malware before it can be imposed and cause malfunctions.

AI, cybersecurity and patent protection

Since the patent system seeks to protect technological innovation, it naturally lends itself to protecting cybersecurity solutions that increase the resilience and resistance of the healthcare system.

However, there are two crucial questions that are frequently posed by innovators:

• Can AI-based inventions even be protected by patents?
• How can technology that crosses borders be protected by a territorial patent system?

Firstly, the patent system will protect an AI-based invention so long as it solves a technical problem. This may even be specific to the healthcare infrastructure — by, for example, solving a problem relating specifically to maintaining the privacy of patient data, or assisting in determining (based on network statistics) that an attack on patient data is taking place.

Secondly, while the patent system certainly is directed at providing territorial rights — which can cause difficulties when the technology may not be situated in a single territory — this can be mitigated by drafting applications that seek to cover the activities of the different actors within a system. For example, it’s possible to seek coverage for a server and a client entity separately in each important territory.

Innovation gathers pace

Innovation in this space is accelerating as healthcare becomes more data driven and the underlying infrastructure becomes more and more distributed. The proliferation of the 5G network means that medical devices and remote healthcare systems benefit from a functioning telecommunications network but are also more vulnerable to cyberattacks than ever before.

If you’re innovating in this space, get in touch with me for a free initial chat about your technology and how our software and cybersecurity experts can help.