Holding Your Hospital Hostage: Ransomware and Other Cyberattacks on Your Health
Over the past year and a half, as hospitals and healthcare facilities fought against the COVID-19 virus, they’ve also been forced to fight a different threat – cybercrime. Because of increased use of digital technologies, electronic file storage and transfer, and telemedicine, hospital systems are prime targets for hackers and cybercriminals. Cyberattacks affect a hospital’s finances and reputation, but they can also affect an individual patient’s health and wellbeing. What can healthcare organizations do to protect themselves and their patients from cybercrime?
Cybercrime and healthcare organizations
The COVID-19 pandemic has done more than put people’s lives in jeopardy; it’s also added stress to hospital computer networks. The virus has made hospitals and facilities more vulnerable to cyberattacks for two reasons: There are more remote workers with vulnerable computer systems, and hackers are using social engineering to capitalize on COVID-19 fears and make workers more likely to fall for phishing scams.
These vulnerabilities can lead to data breaches that expose patient health and financial records. Attackers can sell the information they steal, infect IT systems with malware, or hold systems hostage in exchange for ransom.
The rise of ransomware
One of the biggest cybersecurity threats is ransomware, and hospitals and healthcare facilities are especially vulnerable. In Oct 2020, a joint statement from the Cybersecurity and Infrastructure Security Agency (CISA), FBI, and the Department of Health and Human Services (HHS) warned about increasing ransomware attacks against hospitals.
Because of increased use of digital technologies to deliver healthcare services, hospitals have become primary targets for cybercriminals. Fear tactics, such as the scarcity of personal protective equipment (PPE) or the spread of the virus, allow attackers to exploit human vulnerability to tempt end users to click on links that download malware.
When malicious code gains access to your network, it can wreak havoc. It may lock a single computer or your entire network. And it may gain access to valuable data and encrypt it so authorized users can’t access it. These tactics can slow or shut down business operations until a ransom is paid. Hospitals will often simply pay the ransom because it’s less expensive — and less dangerous to patients — than shutting down operations.
Protecting your healthcare organization
To protect your healthcare facility from ransomware and other cyberattacks, it’s important to take steps to prevent them in the first place. Measures every healthcare organization should immediately implement include:
Strong passwords and multifactor authentication for authorized users.
Automated security software updates.
Regular scans and continuous monitoring for cybersecurity threats.
Monitor remote access logs, and disable unused remote access ports.
Train users to recognize malicious emails and phishing scams.
Use a third-party anti-ransomware solution.
Akamai and the Center for Internet Security (CIS) is offering a Malicious Domain Blocking and Reporting (MDBR) service free to all U.S. hospitals and healthcare facilities in the United States.
Organizations on the receiving end of ransomware attacks have a big decision to make. Refuse to pay and suffer the consequences of business and healthcare disruption, or pay a large sum of money and hope the attacker restores data access. Paying up could also make a facility a target for future attacks, and as more hospitals choose to pay to retrieve their data, the more likely ransomware attacks will continue. Whatever the final decision, it’s essential to report the incident to the authorities, communicate the scope and consequences of the attack to stakeholders, and consult with cybersecurity experts to patch security vulnerabilities and prevent future attacks.