We utilize artificial intelligence for site translations, and while we strive for accuracy, they may not always be 100% precise. Your understanding is appreciated.
Home/
Blog
/
World-Leading Healthcare Provider Protects Its…
Healthcare | Customer Stories
World-Leading Healthcare Provider Protects Its Network from Cyberthreats with OPSWAT
Clalit Health Services relies on OPSWAT technology to securely manage millions of files containing sensitive patient information.
Share this Post
About Clalit Health Services: For over 100 years, Clalit has been at the forefront of medical care and health innovations in Israel. They are now the largest provider of public and semi-private health services in the country (and the second largest HMO worldwide) with over 4.9 million customers served through 14 hospitals (30% of Israel’s hospital beds) and over 1,600 primary clinics, 820 pharmacies, 40 child health centers, 100 physiotherapy institutes, 100 dental clinics, 60 mental health clinics, 55 specialist centers, 55 imaging institutes, and 50 women's health centers. Given Clalit’s size and their responsibility to protect vast quantities of patient data, the need to integrate OPSWAT’s advanced infrastructure security into their workflow was critically important.
What's the story? Attacks against healthcare providers worldwide have doubled since 2022. As one of the world’s largest healthcare organizations, providers like Clalit Health Services have become prime targets for ransomware and zero-day attacks by cybercriminals.
By working in partnership with OPSWAT over time to proactively address areas of vulnerability, however, Clalit has become a model for how to provide total protection for critical infrastructure by creating an enterprise file security service that utilizes 14 MetaDefender Cores with Multiscanning and Deep CDR, as well as four MetaDefender Sandboxes and MetaDefender ICAP servers.
Ransomware attacks against healthcare enterprises have nearly doubled worldwide since 2022 according to a report from the Cyber Threat Intelligence Integration Center. Why such a rise in the healthcare sector?
According to a recent US Department of Health and Human Services study on the hospital resiliency landscape, healthcare facilities’ dependency on Internet-connected systems, large amounts of sensitive, personally identifiable information and personal health information data, and facilities’ critical need for continuity of operations are the three primary reasons this sector has become such a prime target.
As the second largest health maintenance organization (HMO) in the world and the largest in Israel, Clalit Health Services provides healthcare to more than 52% of the Israeli population through more than 1,600 clinics and 14 hospitals. Not surprisingly, Clalit has been a frequent cyberattack target with threats against their facilities increasing dramatically since 2023. As Zahi Ben-Abu, head of security and infrastructure communication at Clalit explained, “our previous solution was not up to our standard of security as a critical infrastructure in the field of healthcare in Israel.”
To meet their high internal standards and comply with strict government regulations on healthcare providers in Israel, Clalit turned to the experts at OPSWAT to create a total solution that would ensure their critical infrastructure was completely protected.
Meeting the Challenge of Volume and Security
Clalit processes some 5 million files a day from diverse sources and file types —many of which contain sensitive patient health information. The need for a solution that could handle this tremendous volume, provide scalability and flexibility and guarantee files being shared were malware-free was paramount.
Our previous solution was not up to our standard of security as a critical infrastructure in field of healthcare in Israel.
Zahi Ben-Abu
Head of Security and Infrastructure Communication
At Clalit, files can arrive from a number of sources including partner companies, suppliers, hospitals, banks, legal organization, and government agencies. These files also come in many forms including CSV, PDF, Word, medical images, and binary files so the solution also needed to be able to process a wide variety of file types.
Above all, Clalit needed a way to protect their infrastructure against malicious files entering their system from any external source.
Creating a New Model for Infrastructure Protection
“We saw value in building a central solution for all file scanning,” Zahi Ben-Abu, head of security and infrastructure communication for Clalit explained.
We started the process with integration via API to our Managed File Transfer (MFT) and secure email solution. We then proceeded with the ICAP servers to connect to our proxy servers for inline scanning of web traffic. Finally, we connected the ICAP servers to our reverse proxy and API gateways to provide the ability to scan file uploads and web application traffic.
Tamir Shahar
Infrastructure Architect
Today, all files that enter Clalit through channels that include email, API, managed file transfer, the Internet, and the Cloud are scanned by 13 antivirus engines, and Deep CDR. If the files cannot pass CDR or are excluded, the files will then be sent to MetaDefender Sandbox for further analysis. All scanning is done inline via API or ICAP.
As Omer Keidar, head of critical infrastructure and cyber at Clalit described, “With OPSWAT, we are assured that our data is secure and our files are malware free.”
Inside OPSWAT’s Protective Layers: How Our Technology Secures Clalit’s Infrastructure
By assuming every file contains a potential threat, such as malware or zero-day exploits, CDR (Content Disarm and Reconstruction) disarms threats by regenerating safe, usable files. Deep CDR technology strengthens detection-based, anti-malware scanning with prevention-focused defense, protecting organizations from file-based threats, including targeted attacks.
OPSWAT's Deep CDR sanitizes files by removing threats and rebuilding them to prevent file-based vulnerabilities.
Traditional security measures do not always detect sophisticated cyber threats, which includes zero-day attacks. Deep CDR addresses this by sanitizing files at a granular level, thus reducing the risk of advanced and emerging threats.
A key part of Clalit’s cybersecurity relies on OPSWAT’s unique Multiscanning technology which offers advanced threat protection that increases detection rates, decreases outbreak detection times, and provides improved detection accuracy compared to single-vendor, anti-malware solutions.
By working together and augmenting Deep CDR, Multiscanning provides a critical layer of protection against advanced and zero-day threats that commonly target healthcare providers.
Research has shown that as more anti-malware engines are deployed, malware detection rates improve. In OPSWAT’s solution, the strengths of each engine combine to offer superior detection to identify more threats faster. By combining the results of multiple scanning engines, OPSWAT can reduce outbreak exposure times, provide a global visibility to threats, and achieve virtually zero exposure to malicious files.
In a recent multiscanning test of more than 10,000 of the most active threats, OPSWAT achieved over 90 percent detection with 12 combined engines, over 95 percent detection with 16 engines, and over 99 percent detection with 20 or more engines.
As file volumes increase and threat actors continuously improve their techniques to create increasingly sophisticated malware to evade security solutions, organizations need the ability scan thousands of files for malware quickly while simultaneously defeating every layer of obfuscation to identify valuable IOCs (indicators of compromise)–all with low resource requirements, easy maintenance, and high efficacy.
MetaDefender Sandbox’s unique adaptive-threat-analysis technology extracts IOCs 10 times faster than a traditional sandbox while providing 100 times more throughput. On just one server, MetaDefender Sandbox can process 25,000 or more files a day and its Adaptive Threat Analysis technology enables zero-day malware detection while extracting more IOCs.
OPSWAT’s Sandbox has very fast verdicts, thanks to emulation and is integrated with other products like Deep CDR. Thus giving the best inline experience for scanning files with minimum disruption to users and allowing easy management.
Tamir Shahar
Infrastructure Architect
Working together in unison, OPSWAT’s solutions ensure that Clalit’s critical infrastructure is totally protected.
Bringing Value With Better Solutions
The technical team at Clalit was quick to point to a number of benefits that have made protecting their critical infrastructure against threats easier with OPSWAT solutions.
“OPSWAT’s Deep CDR supports the widest variety of file formats, including documents, images, and multimedia files,” Tamir Shahar, infrastructure architect at Clalit said.
“In addition, Deep CDR reconstructs files with high fidelity after disarming. This means that the sanitized files retain their original format and functionality, minimizing the impact on usability and productivity. This contrasts with other CDR solutions that may strip out too much content or functionality during the sanitation process.”
Other benefits that Clalit’s cyber experts point to when using OPSWAT include:
Enhanced user experience: Sandbox produces very fast verdicts thanks to emulation and it easily integrates with other products like Deep CDR. This provides the best inline experience for scanning files with minimum disruption to users.
Time savings: OPSWAT’s Sandbox is critical for detecting unknown threats and it emulates files 10 times faster than a typical sandbox.
Superior file support: Multiple antivirus engines provide Clalit with the flexibility to support all files, types, and different situations such as files that cannot be sanitized.
With OPSWAT, we are assured that our data is secure and our files are malware free.
Omer Keidar
Director of Information Technology,Infrastructure & Cyber
Providing Total Protection
Due to the sensitive nature of the millions of files they handle each day. Clalit needed a total protection plan backed by the most innovative technology available. With OPSWAT’s best-in-class solutions working together in seamless harmony and evolving through constant innovation to meet the ever-changing threat landscape, Clalit now stands as a model for what healthcare organizations can do to protect their critical infrastructure while resting assured that their customers’ sensitive healthcare files are thoroughly protected.
As Zahi Ben-Abu summarized, “with OPSWAT we are confident that the sensitive data and information of our customer is secure.”
To learn more about how OPSWAT can benefit your critical infrastructure, reach out to an OPSWAT expert today.
OPSWAT’s Sandbox has very fast verdicts, thanks to emulation and is integrated with other products like Deep CDR. Thus giving the best inline experience for scanning files with minimum disruption to users and allowing easy management.
