The healthcare industry has often been in the spotlight lately. In addition to managing the effects of COVID-19, it has been a primary target for ransomware. In a survey conducted among 597 health organizations (HDOs) in 2021, 42% had experienced two ransomware attacks in the past few years. More than a third (36%) attributed these ransomware incidents to a third party, such as what happened earlier this year with Kaseya. The ramifications go beyond stolen health data, although that's important too. What does it mean when a health organization is exposed to an attack? And what can you do to protect yourself?
Health data has a direct impact on patients
These attacks have reduced the confidence of many HDOs in their ability to counter the risks posed by ransomware. More than half (61%) said they did not trust their ransomware defenses after the events of 2020, for example. That is 55% more than a year earlier.
Ultimately, ransomware attacks undermine the mission of health organizations to provide timely care to their patients. Consider the following results from the Ponemon Study:
- Almost three quarters (71%) of those surveyed said that a successful cyberattack resulted in longer patient stays.
- Around the same proportion said ransomware attacks caused delays in medical procedures and tests that resulted in poor outcomes for patients who needed them.
- Slightly fewer (65%) said the attacks caused an increase in the number of patients being diverted or transferred to other facilities.
- More than a quarter (36%) of respondents had seen an increase in complications from medical procedures following a ransomware attack.
- About a fifth said that cyberattacks had increased the death rate of their patients.
Hospital cyberattacks in the news
The most high-profile recent cyberattacks also go beyond health data. In September 2020, for example, the German authorities investigated the death of a woman after a ransomware attack on a hospital. The patient died after being rerouted to another hospital more than 30 km from her intended destination, Düsseldorf University Hospital. The facility was dealing with a DoppelPaymer ransomware attack that prevented it from receiving her.
After an investigation into the incident, German law enforcement officials found that the victim's medical diagnosis was so serious that she would have died no matter which hospital had admitted her.
In October, a woman in Alabama filed a lawsuit claiming that a hospital did not inform her that a ransomware attack had disabled its computers. The lawsuit alleged that hospital staff had provided limited care for her baby. The baby was born with a serious brain injury and later died. Attackers who stole money or health data ended up doing something much worse.
The Wall Street Journal found that many of these attackers deployed their payloads on health care networks faster than in other cases because they thought their victims would be more likely to pay. The logic was that the victims needed to get sensitive health information back as quickly as possible in order to treat their patients. As a result, these organizations may not have had time to negotiate with ransomware actors, so they might have met the attackers' demands without question.
How health organizations can defend themselves
Many HDOs surveyed are preparing for a ransomware attack targeting their health data or critical systems. For example, 54% created a business continuity plan that included planned system outages in the event of a ransomware incident. Others invested in cyber insurance, audited and increased backups of critical systems, and allocated resources to a ransomware attack, at 51%, 34% and 23%, respectively.
These and other measures can certainly help healthcare organizations respond to a ransomware attack. But it’s just as important that they take steps to help prevent a ransomware infection in the first place.
First, invest in security awareness training for employees. Create modules that address ransomware along with other relevant threats, such as insider threats, the privacy of medical imaging, and supply chain risks. This enables people to identify and report potential threats to their patients and health data. This in turn improves the overall security posture of their employer.
Keep up to date
Security awareness training is of course an ongoing process. This means that infosec staff have to continuously revise their employee training. Make sure you keep an eye on new and emerging threats. This is particularly relevant for ransomware. In this threat landscape, attack operations are constantly being renamed and adding more levels of extortion. To do this, security teams can use threat intelligence to keep up to date. You might consider combining third-party feeds relevant to your industry with internal sources. This gives teams the broadest possible insight into their unique threat profile.
Finally, teams can implement technical controls that help prevent ransomware gangs from using common attack vectors. These measures include email filters that block messages with embedded links to illegal domains, disabling Remote Desktop Protocol (RDP) on Windows computers that do not require remote access, and using vulnerability management to prioritize the remediation of known vulnerabilities affecting authorized software and hardware assets.
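The email-filter control described above, as an added example that is not part of the original article: it extracts link targets from a message and blocks the message when any target falls under a blocked domain. The blocklist, the sample message and all function names are constructed for illustration.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed blocklist; in practice it would come from threat-intelligence feeds.
BLOCKED_DOMAINS = {"malicious.example", "bad-billing.test"}
# Constructed sample: the visible link text differs from the real href target.
SAMPLE = """\
Content-Type: text/html; charset="utf-8"

<p>Pay at <a href="https://portal.MALICIOUS.example./pay">https://hospital.example/pay</a>
or read <a href="https://notmalicious.example/info">more info</a>.</p>
"""

class HrefCollector(HTMLParser):
    """Collects <a href> targets, ignoring the text shown to the reader."""
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def extract_urls(msg):
    urls = []
    for part in msg.walk():  # covers single-part and multipart messages
        raw = part.get_payload(decode=True) or b""
        text = raw.decode(part.get_content_charset() or "utf-8", "replace")
        if part.get_content_type() == "text/html":
            collector = HrefCollector()
            collector.feed(text)
            urls += collector.hrefs
        elif part.get_content_type() == "text/plain":
            urls += re.findall(r"https?://[^\s<>\"']+", text)
    return urls

def is_blocked(url, blocked=BLOCKED_DOMAINS):
    try:
        host = (urlsplit(url).hostname or "").rstrip(".").lower()
    except ValueError:
        return True  # fail closed on URLs that cannot be parsed
    # Match the blocked domain or any subdomain, on label boundaries only.
    return any(host == d or host.endswith("." + d) for d in blocked)

def verdict(raw_message):
    urls = extract_urls(message_from_string(raw_message))
    hits = sorted({u for u in urls if is_blocked(u)})
    return ("block", hits) if hits else ("deliver", [])
```

Matching on label boundaries keeps `notmalicious.example` from being caught by the `malicious.example` entry, while mixed case and a trailing dot in the host name do not let a blocked domain slip through.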
Sooner, not later
Healthcare is one of the sectors where a ransomware attack could harm a person's physical safety and wellbeing. Nobody wants the reputational damage and other costs that such an incident could entail. In addition, there is the potential breach of health data. Hence, health organizations need to be proactive and make sure they have the right ransomware protection solutions in place sooner rather than later.