Healthcare has always been a critical, high-stakes industry, where just a minute’s delay can mean the difference between health and wellness, life or death. This became even more pronounced during the COVID-19 pandemic, when hospitals, their staff, and the systems they rely on were put under extreme pressure and strain due to the sheer number of patients needing care. Health workers stepped up and worked tirelessly to save lives and subdue the spread of the virus. However, cybercriminals saw an opportunity in the crisis and sought to profit from the mass suffering.
In May 2021, a ransomware attack forced Ireland’s public health service offline, resulting in countless canceled hospital appointments and disruption of COVID-19 testing centers when they mattered the most. And now that the Internet of Medical Things (IoMT) is connecting IV pumps, heart monitors, ventilators, and other medical equipment, cybercriminals are looking to attack these crucial devices too.
Healthcare organizations are attractive targets for ransomware gangs. Due to the life-or-death nature of the services, there is extreme pressure to resolve attacks as quickly as possible. Attackers hope that paying the ransom is seen as the quickest, most painless solution. The vast amount of sensitive patient data and the limited budgets of healthcare organizations also attract ransomware attacks, as attackers hope that data has not been backed up or that security initiatives are lagging.
So, what is ransomware? In short, it is malicious software that criminals deploy to either encrypt your data or take your systems offline, demanding a ransom to decrypt the information or restore networks. These techniques are not new; rather, they are well-engineered combinations of old vulnerabilities with new elements added, meaning that, while they are dangerous, it is entirely possible to defend against them.
There are three key areas that must be secured in order to stop today’s ransomware attacks in their tracks:
- Secure your email and train your staff
Email is the most common method of spreading ransomware through an organization. There are 13 email threat types that criminals commonly employ to access credentials, from infected links in staff emails to more sophisticated spear-phishing attacks. Implementing the right email protection and training staff to recognize and escalate these threats is a sure-fire way to intercept attacks.
- Protect your applications
Web applications, such as those used for eHealth services, are a top vector for attackers, who can use them to spread ransomware laterally through supply-chain attacks or by targeting customer service portals. Adopt a Zero Trust access model and implement continuous user and device verification, so that users have the access they need while the attack surface is reduced.
- Be prepared to respond to an attack
Sometimes, despite precautions, organizations are still hit with a successful attack. The best way to limit the ramifications of such attacks is to back up all data, including the data from cloud-based applications, collaborative applications, and email. Encrypt these backups and keep multiple copies in multiple locations. Make sure to test these backups to confirm that you can restore quickly and fully if needed.
While every sector has factors that put it at risk for ransomware attacks, healthcare has an added layer of risk due to the life-or-death nature of these organizations. With the average ransom paid by healthcare organizations in 2020 totaling $910,335, a figure likely to rise in the future, it’s never been more important to protect healthcare from ransomware. To learn more about how to treat the risk of ransomware, read our ransomware for healthcare eBook.
Steven Peake is a technical engineer at Barracuda, where he engages with end-users and partners to deliver solutions that meet their business security and data protection needs. Steve has worked in IT for over 16 years, 10 of these in senior IT management roles delivering support, infrastructure and security services for a UK-wide group of companies, including performing outsourced services to the legal and insurance sectors as well as the NHS.