When Sustainability and Security Align As sustainability reporting leaps up boardroom agendas, a byproduct of enhanced visibility is uncovering the most secretive malware.
Published by The Label Man on 14th Mar 2024
Hospitals are under attack. Every hour, hundreds of public sector bodies are struck. One of the most infamous onslaughts was the WannaCry ransomware attack in 2017 which grounded the UK National Health Service to a halt by infecting 70,000 devices. Non-critical services stopped. Ambulances were diverted.
As the threat morphs and evolves, it remains focused on targeting softness. I liken attackers to the Velociraptor in a famous dinosaur movie, tapping an electrified fence surrounding its enclosure until it finds weakness, then breaking through the protective layers and reaping havoc on its victims at a monstrous level.
The game of cat and mouse gets ever more sophisticated. Spyware is being installed that completely evades traditional means of detection. It's not coders playing about here, either. These are government-grade devices, data systems, and security defenses that are being breached by code designed to eradicate all evidence of its upload. It’s a zero-touch threat, meaning you no longer need to click on a dubious link to become a victim. A missed call from an unknown number, a text, or a video file is all it takes for your devices (and connected systems) to be infected. These types of attacks are seemingly unstoppable.
Predator, Pegasus, and 30 other virus variants are being used by governments as well as organized crime groups and hackers on a mission to get inside your systems. Historically, devices crashing and odd alerts may have drawn your attention to an infection. But now you could have spyware secretly lurking on your device, listening to your every conversation, and feeding sensitive information back to an unknown foe.
Whilst a spy listening through my phone might get insider information on my latest endurance training plan, malware in a hospital environment poses significantly higher risks and impacts. Leaked data may be used to blackmail patients. Hospitals will face fines. Compromised devices will be taken from circulation. The cost implications are huge, culminating in reduced efficiency and depleted outcomes.
And that is just when things get spotted and dealt with. Think too of the hidden ears listening to private health information of high-profile celebrities, servicemembers or politicians – or simply your average private citizen whom someone deems influential in business or society. Unfriendly nations collating information to be used to strategize attacks. Scenes straight from a spy movie. Or criminals building a profile so they can fraudulently act as their victims.
Grim, I know. But it’s not all doom and gloom.
In fact, it is from an unlikely source that we find an ally against submerged cyber invasion: sustainability monitoring.
As our environment rapidly changes, healthcare organizations have acknowledged the threat to human health grows too. Extreme weather conditions, air pollution, changes to delicate ecosystems impacting the balance of bacteria and viruses – with the vulnerable and least able to cope impacted most. A goal of ‘zero overall carbon emissions’ has become a beacon of best practice with the UK leading the way, aiming to be ‘the world’s first net zero national health service.’
The solution to a carbon-neutral organization is the sum of many different changes. The management of vehicles, waste, facilities, catering, and energy to name but a few. In “Delivering a Net Zero Health Service”, the NHS addresses indirect emissions from electricity in its Scope 2 as an area of focus. These big ambitions cascade into individual Trust Green Plans like that of the Herefordshire and Worcestershire Health and Care NHS Trust (HWHCT). HWHCT has already achieved big electricity gains via large capital expenditure (CAPEX) projects like LED lighting at Prince of Wales Community Hospital and solar panels at Hillcrest. But many, many small changes across large numbers of facilities and systems add up to become game changers, too.
With 18% of emissions in the NHS coming from devices, trusts are devising plans to bring this number down. HWHCT intends to ensure printers, computers, lights, and other electronic equipment components are turned off overnight or otherwise not in use. But I know this can be taken many steps further.
Consider Zebra devices. Thousands of handheld mobile computers, wearables, tablets, label printers, barcode scanners, and RFID readers may be dispersed across multiple sites. These devices, like all other appliances, have an impact on carbon emissions, which is why it is so important to understand the many, many small changes that have been made in their design and can be made in their utilization to help achieve your organisation’s sustainability objectives as well as society’s collective objectives.
As a basis, each Zebra device is embedded with 'Zebra DNA' software which is designed to extend the life of the hardware. The Zebra DNA software suite empowers device users to achieve peak efficiencies under the full control of management and/or IT administration. From monthly security patching with Zebra LifeGuard to enterprise level features such as the kiosk-mode lockdown home screen, this software suite provides a comprehensive way to keep all devices operational for as long as possible, thus reducing the demand on production lines, technology recycling operations, or even waste disposal sites. And all of these can have environmental impacts. Peaks in energy draw can be identified and rectified. Batteries can be optimized. Devices can be located and brought in for service. Updates to enhance performance can be made remotely.
It is within this performance sensing capability that lies the interesting piece of the puzzle – where security and sustainability overlap. Security breaches are so subtle that the user has no idea they are compromised. However, changes to the energy usage pattern on the device can indicate unexpected activity is occurring.
These changes are called symptomatic changes, and it is the most crucial piece of information that can be utilised when dealing with securing related attacks.
With tools such as Zebra’s Visibility IQ Foresight, you can pull device and app-level data through the data services agent that can be installed on each device. This gives you visibility into unusual activity and the power to act upon any unexpected behaviour identified – behaviour that would otherwise be hiding in the background and harming your estate. The simple dashboard interface allows you to monitor performance to help you devise mechanisms to keep malware out plus give important utilisation patterns data and drive efficiencies to help achieve those net zero goals.
Patient safety is not compromised, hospital security remains intact, and the addition of many small energy savings delivers a huge win to the planet. The losers are the criminal underworld trying to profiteer from security breaches or foe organisations seeking to cause mass disruption.
And the benefits don't stop there. Enterprise-managed devices are designed to last significantly longer than consumer devices from a pure design perspective, which supports goals to drive down emissions in the supply chain. Their standard lifespan is five to seven years, and often much longer for some rugged tablets and printers. So, you're taking out two or three cycles of the manufacturing footprint where the load is much higher in the first year from e.g. mining rare minerals and piecing together components from different locations. You’re also reducing the volume of components that can’t be recycled and end up in landfills – or that can be recycled but must be transported (emissions) to sites for processing (potentially more emissions).
In fact, just a few years ago, Deloitte Global predicted that smartphones—the world’s most popular consumer electronics device with an installed base of c.4.5 billion—would generate 146 million tons of CO2 or equivalent emissions (CO2e) by 2022. The firm expected the bulk of these emissions, 83% of the total, would come from the manufacture, shipping, and first-year usage of the 1.4 billion new smartphones scheduled to ship in 2022. That number holds fairly steady today considering that 1.1-1.2 billion new smartphones will likely ship in 2024 – each of which has a footprint of 85 kilos of CO2e.
The pandemic changed the way people work and how patients are treated and supported. Home treatment and virtual consultations burgeoned, driven by digitalization, which helps contribute to de-carbonizing. Fewer visits mean fewer car journeys, facility costs, heating, electricity, and so on. But it’s important to consider the manufacturing impact and invest in long-lasting products upfront.
Because enterprise devices are built more durable than consumer devices from a physical perspective, and they’re designed to support many years of software and security updates, they have longer lifespans. This, in turn, reduces the frequency of new device production required to replace aging devices. Instead of turning over your entire device fleet (and requiring the manufacture of new devices) every year or two, you may be able to go five-plus years before needing new devices to be made in support of your business.
Plus, devices built for use in enterprise, field and industrial environments have a reduced total cost of ownership (TCO), the ability to see and address inefficient energy use, and the added extra of weeding out security breaches. Yet, it gets even better with Zebra devices as these are purpose-built for environments where special considerations are needed in device design and performance. Take the new HC20 and HC50 handheld devices as an example, which were built specifically for use in healthcare. Yes, they’re secure and easy to manage with Zebra DNA (like all other Zebra enterprise-grade devices). Yes, they’re robust and designed for a three-year product lifecycle plus another three years of support. (Which is quite a long lifecycle for a mobile device.) But they’re also adorned with healthcare-specific features including disinfectant-tolerant plastic, an emergency response button, and a high-quality scanner for positive patient identification among other critical patient care and billing actions.
It all makes perfect business, environmental and security sense. And remember those unstoppable (cybersecurity) viruses? Well, with Zebra DNA tools helping you monitor your devices, or automatically alerting you to unusual usage trends, they can be identified and stopped in their tracks.
To find out more about how Zebra devices protect you against invasions and help protect the health of the world, contact your Zebra representative and check out the other below insights from my colleagues and your peers.