By: Cody Jamison

Ransomware attacks are a growing threat to healthcare organizations. Like a really bad flu – ransomware leaves everyone feeling sick and vulnerable. These cyber-attacks can have a devastating impact on hospitals and medical facilities, disrupting patient care and putting sensitive information at risk. According to a recent analysis conducted by NCC Group, ransomware attacks witnessed a staggering 91% surge in March 2023 [1]. The month alone accounted for a total of 459 confirmed attacks, reflecting a significant 62% increase compared to March of the previous year [1]. These findings are consistent with the growing concern highlighted in a report from HIPAA Journal, emphasizing that healthcare ransomware attacks now pose a threat of up to 30% of operating income [2].

A “Digital” Hostage Situation

To briefly review, ransomware attacks typically begin with a phishing email. The email contains a malicious attachment or link that, when clicked, installs ransomware on the victim’s computer. Once ransomware is installed, it encrypts the victim’s files and demands a ransom payment in exchange for the decryption key.

The Deadly Impact of Ransomware Attacks on Healthcare

Ransomware attacks pose a grave threat to healthcare organizations, inflicting severe consequences that disrupt patient care, generate substantial financial losses, and compromise the confidentiality of sensitive patient data. Understanding the far-reaching implications is crucial:

  • Disruption of patient care: When ransomware encrypts patient files, it can make it impossible for healthcare providers to access those files. This can lead to delays in diagnosis and treatment, as well as the need to manually re-enter patient data.
  • Financial losses: Ransomware attacks can cost healthcare organizations millions of dollars in lost revenue, as well as the cost of paying ransoms and recovering from the attack.
  • Data breaches: Ransomware attacks can expose sensitive patient data, such as names, addresses, Social Security numbers, and medical histories. This data can be used for identity theft, fraud, and other crimes.

Steps to Protect Vulnerable Systems and People

The Cybersecurity and Infrastructure Security Agency (CISA) underscores the urgency, stating, “Given the increasingly sophisticated and widespread nature of cyber-attacks, the healthcare industry must prioritize cybersecurity and make the necessary investments to protect its patients.” [3] To heed this call, healthcare organizations should consider the following approaches:

  • Maintain up-to-date software and systems: Regularly update operating systems, applications, and security software with the latest patches and security updates to address vulnerabilities that attackers may exploit.
  • Employee training: Employees should be trained to identify and avoid phishing emails. They should also be aware of the risks of clicking on links or opening attachments in emails from unknown senders.
  • Employ strong access controls: Implement the principle of least privilege, ensuring that users have the minimum necessary permissions to perform their tasks. Use strong, unique passwords and consider multi-factor authentication (MFA) to add an extra layer of security.
  • Implement robust cybersecurity measures: Utilize firewalls, intrusion detection systems, and antivirus/anti-malware software to protect your network and endpoints from potential threats. Consider using advanced threat detection technologies, such as behavior-based analysis and machine learning, for enhanced protection.
  • Regularly back up critical data: Establish a comprehensive data backup strategy that includes regular backups of critical systems and data. Store backups offline or in a separate, secure location to prevent them from being compromised in an attack. Test the backup restoration process periodically to ensure its effectiveness.
  • Business continuity planning: Healthcare organizations should have a business continuity plan in place. This plan should outline how the organization will continue to operate in the event of a ransomware attack.

By adopting these proactive cybersecurity measures, healthcare organizations can significantly strengthen their defenses against the mounting ransomware threat. Volta’s managed security solutions can act as a vaccine against ransomware attacks. Investing in robust security practices ensures the protection of sensitive data, fosters trust with patients, and helps maintain the integrity of healthcare systems in an increasingly interconnected world. With the right defenses in place, we can fight off the “virus” of cyber crime, and keep our healthcare systems healthy and secure.

[1] Source: NCC Group analysis.

[2] Reference: “Healthcare Ransomware Attacks Threaten Up to 30% of Operating Income” – HIPAA Journal. URL: https://www.hipaajournal.com/healthcare-ransomware-attacks-threaten-up-to-30-of-operating-income/

[3] Reference: Cybersecurity and Infrastructure Security Agency (CISA). “Healthcare and Public Health Sector.” StopRansomware.gov, 2021, https://www.cisa.gov/stopransomware/healthcare-and-public-health-sector