Healthcare Cybercrime Is Evolving – Are You Prepared?
The US healthcare industry is becoming a target for nation-state attacks, and not just homegrown ransomware scams. Can you defend your healthcare organization?
Ransomware has become so common in the healthcare industry that for most, it’s just a part of doing business. More and more often, we see healthcare organizations simply choosing to pay the ransom, and transfer patients and services to nearby facilities while they restore their data.
While the threat of ransomware is still prevalent and destructive, much of the healthcare industry has learned how to deal with it. Unfortunately, there are newer threats entering the sector…
The Growing Threat Of Nation-State Attacks
The 2019-2020 Global Application & Network Security Report by Radware doesn’t offer very encouraging data for the state of cybersecurity as we begin a new decade. Respondents to the survey report an increasing rate of attacks by cybercriminals not based in the US, as well as mounting concern over the security offered by newer technologies like the cloud and the Internet of Things.
Perhaps the most concerning statistic determined in Radware’s report is the growing rate of nation-state cyber attacks. Whereas in 2018, only 19% of organizations believed they had been targeted by nation-states in a cyber attack, that number grew to 27% in 2019.
Often originating in Asian and Middle Eastern countries, nation-state cyber attacks are unique in their danger because they are often executed with greater resources and near-total immunity from any sort of justice when compared to garden variety, US-based hacks.
This is in addition to the still considerable rate at which ransomware is used to target healthcare organizations…
The Ever-Present Threat of Ransomware
Some cybersecurity experts were optimistic in 2018, reporting a slight decrease in the rate of ransomware attacks. But 2019 proved them wrong:
- The rate of ransomware attacks doubled
- The average cost of ransoms associated with those attacks increased by 184%
- The average downtime resulting from ransomware increased to 9.3 days
Not only has ransomware become more common, but it’s more expensive and more dangerous as well. Almost half of all ransomware incidents reported last year targeted healthcare companies. Their outdated legacy medical systems, limited budgets for investing in cybersecurity, and a lack of IT expertise, make them ideal targets:
- Alabama’s DCH Health System recently chose to pay the ransom and regain access to their systems after being hit by ransomware. The attack had resulted in three hospitals being shut down, leaving them unable to treat patients, and having to reroute ambulances.
- A Wyoming hospital’s operations were stopped dead because of a ransomware attack. With its data taken hostage, the hospital has had to cancel surgeries, transfer patients to other facilities, and stop admitting new patients for multiple days.
- The Olean Medical Group staff went without access to their systems and data for over 40,000 patients until they paid the hackers.
Are You Protecting Your Data?
As the most dangerous and more common consequence of cybercrime, data loss remains a top concern for all healthcare organizations. 30% of respondents to Radware’s survey reported lost data as the result of a breach as being a primary concern.
That’s why you need to take action now in order to protect your data from both nation-state cyber attacks and homegrown cybercrime scams in the future:
Make An Inventory Of Your Data Assets
You have to start from a place of understanding. Begin by taking stock of your data – what it is, where it is stored, etc. With that information, you can then move forward in protecting it.
You also have to consider the worst-case scenario. What would it mean to you if you lost your data right now? Do you have a backup plan? Do you have redundancies and contingencies in place?
Back Up Your Data
Do you have a data backup policy in place?
If not, then you’re vulnerable, right now, to ransomware. If you have a data backup solution, then it doesn’t matter if your data has been encrypted by ransomware. You can just replace it with your backup, simple as that.
That’s why you should make a considerable investment in a comprehensive backup data recovery solution so that you can restore your data at a moment’s notice when necessary.
Be sure to:
- Back up data on a regular basis (at least daily).
- Inspect your backups to verify that they maintain their integrity.
- Secure your backups and keep them independent from the networks and computers they are backing up.
Make Sure Your Staff Is Secure
A comprehensive cybersecurity training program will teach your staff how to handle a range of potential situations:
- How to identify and address suspicious emails, phishing attempts, social engineering tactics, and more.
- How to use business technology without exposing data and other assets to external threats by accident.
- How to respond when you suspect that an attack is occurring or has occurred.
Monitor For Intrusions
Security information and event management (SIEM) technology is a secure cloud service that provides 24/7 security and operation monitoring to oversee a given practice’s security needs. A SIEM solution offers a monitoring service, with adaptive threat protection that identifies active cyberattacks and takes action in real-time to protect your practice.
By integrating intelligence from global threat monitoring feeds, this solution responds to network-based zero-day exploit attempts, drive-by downloads, and advanced malware that routinely bypass conventional firewall and antivirus technologies.
This works in concert with a Security Operations Center (SOC) – this is a team of people, employing a range of proven processes and using carefully implemented technologies (such as SIEM) which are often centralized. They gather and analyze user reports and a range of data sources – such as logs — from information systems and cybersecurity controls.
Typically, the main point of a SOC in the healthcare setting is to identify, address and eliminate cybersecurity events that could negatively impact an organization’s information systems or data.
Is Your Organization’s Cybersecurity Effectively Managed?
On-Site Computers Inc. offers comprehensive cybersecurity services, to help you properly protect your organization against modern cyber threats, including nation-state attacks.
Mike Bowe | Published on December 12, 2020