Held Hostage by Ransomware: Cybersecurity Risks to Healthcare

There seems to be a new data breach or ransomware attack making headlines every day. Healthcare organizations are not immune to cyberattacks — just the opposite. Healthcare systems are a prime target for malicious hackers, and most aren’t equipped to defend against an attack. What can healthcare organizations do to protect themselves and their patients from cybercriminal threats?

What is ransomware?

Ransomware is malicious software, or a piece of code, attackers use to encrypt data files and/or block access to computer networks. Cybercriminals then hold the target organization’s data or network access hostage until they receive the demanded ransom.

Cybercriminals exploit both human and technological weaknesses to gain access to computer networks. Often, they will send legitimate looking emails asking the recipient to click on a link to complete a task. The link then downloads the code onto the computer, and moves from a single computer to the network at large. Ransomware may also take advantage of security gaps to gain access. Ransomware attacks cost hospitals money, but they can also cause harm to patients and erode trust in the healthcare system.

Why are hospitals targeted?

Hospitals are prime targets of ransomware for three primary reasons:

• They must store vast amounts of data critical to patient care.

• They often have cybersecurity vulnerabilities to exploit.

• They are typically willing to pay ransom fees rather than risk the health and safety of their patients.

How can hospitals protect themselves?

The first thing hospitals and healthcare organizations need to do is implement security awareness training for all personnel to limit the human factor of cybersecurity vulnerability. Remind employees not to open emails they are unsure of or click on suspicious links. Teach them to be aware of red flags, such as misspelled company names or dubious URLs.

Hospitals need to update their software platforms regularly, enhance security measures, and run frequent vulnerability checks. Data backups are essential for getting up and running after a ransomware attack, but backups must be saved to a repository not connected to your network (e.g., cloud storage). Otherwise, your data backup could be breached or locked as well. Make a thorough incident response plan that includes all departments, so remedial action can be taken quickly.

Many hospitals opt to pay the ransom because they don’t want to disrupt patient care, and they’re under the false impression that insurance will cover the cost. Law enforcement agencies advise hospitals not to pay ransoms because it will encourage future attacks. Instead, they should contact the FBI to file a report.

To learn more about cybersecurity for healthcare systems and revenue cycle management, contact Healthcare Resource Group.