HC3 TLP White Analyst Note: Application Programming Interfaces and Healthcare Cybersecurity

April 26, 2021

Executive Summary

Application Programming Interfaces (APIs) are a critical component of modern health information technology infrastructures. Because they pass information between resources, they are an enticing target for attackers, either for carrying out data breaches or as hop points for further compromise. Understanding how they fit into a healthcare enterprise environment, along with the security concerns they carry, is a necessary but not sufficient part of protecting against common threats to healthcare in cyberspace. They are common targets among many threat actors and, due to their versatility, are frequently targeted regardless of the attackers' specific goal.

Background – What are APIs and how do they fit into an Enterprise Infrastructure?

Application Programming Interfaces are relatively small software components that serve as a seamless interface allowing two applications or resources to talk to each other. In modern implementations, they are often the intermediary process engine that sits between a user-facing application and a database, cloud, or other resource which provides information or a service. From a developer’s perspective, the API enables separate software platforms to be continuously developed without interruption in their interoperability. APIs are one example of an iterative development methodology which, along with others such as DevOps, DevSecOps and Agile, enables incremental upgrades of application components to be quickly deployed to consumers without having to first submit to the longer quality assurance lifecycles of legacy technologies. APIs allow software applications to work well together even as they are upgraded over time.
