Ransomware Attacks on Healthcare: How Can You Protect Yourself?
In 2017, the world faced two large ransomware outbreaks, WannaCry and Petya (the June variant is often called NotPetya). The first was reported in about 150 countries, the second in 65. It is not hard to imagine the consequences for a hospital hit by an attack of that scale, so how should medical organizations build their security programmes to protect themselves against ransomware?
What is ransomware? It is malicious software (malware) that encrypts the files on a computer, or otherwise blocks access to the system, until the victim performs an action the attacker demands. Criminals usually require payment in exchange for the decryption key. According to Symantec's Internet Security Threat Report published in 2017, the average ransom demanded rose from $294 in 2015 to $1,077 in 2016, and the CryptoWall 3.0 campaign of 2015 alone was estimated to have earned its operators about $325 million. To protect your medical institution from attacks on healthcare systems, you should strengthen the way your hospital protects its data. In this article, we provide a few practical tips that will help you stay safe.
Why Is It So Important to Be Prepared for Hospital Ransomware Attacks?
According to Experian's data breach forecast, healthcare will be the most targeted industry in 2017. The report explains why: healthcare providers hold patient information that can be resold. An attacker's main target is electronic patient medical records, and as healthcare organizations adopt mobile applications, those applications add new attack surface for hackers.
Ransomware exploits one of the strongest human feelings: fear. Medical organizations are so afraid of losing patient health information (PHI) that they prefer to pay the criminals for decryption rather than rely on the defences they already have. Practice shows, however, that paying does not guarantee recovery. In the summer of 2017, around 45 victims of the Petya outbreak paid a total of roughly $10,500 and never got their data back: the attackers' contact email address had been suspended by its German email provider, so there was no way even to send proof of payment.
Other predictions from Experian include:
Hackers will sell stolen passwords for several years after a successful data breach.
Regional cyber attacks will turn into a global virtual war.
Ransom-based attacks will remain a trend among hackers.
International companies will suffer the most from ransomware attacks.
The absence of a modern and effective security programme makes healthcare organizations vulnerable to ransomware, and healthcare cyber attacks can cause serious financial damage. As the pressure on the industry and the risk of fraud increase, hospitals are more likely than ever to lose their medical records, which is why they have to implement reliable protection measures to avoid data theft.
How to Protect against Ransomware in Healthcare
In most cases, the decryption fee demanded by the criminals is not the most serious cost of a healthcare ransomware attack. The risk of losing important data, together with the downtime, is the larger threat for a hospital, and the true cost should be calculated from the time during which the hospital could not function. In the U.S., Hollywood Presbyterian Medical Center paid $17,000 to attackers to regain access to its data after more than a week of downtime. Because some services could not be provided while the data was unavailable, and staff needed twice as long to do their work manually, the losses were estimated at around $100,000 per day. How do you avoid this in your organization? The following tips will help you make the systems in your healthcare organization as secure as possible.
Use Endpoint Security Software
Having an antivirus installed does not mean a hospital is fully protected. Most organizations hit by Petya or WannaCry did have antivirus software installed; it did not save them. Traditional antivirus relies on signature matching, so it only stops malware it has already seen. When a new variant appears, even the most expensive signature-based product is useless against it. Healthcare providers should therefore add endpoint security software that detects malicious behaviour (for example, a process rapidly rewriting many files with encrypted content) rather than known file signatures, and that can isolate an affected machine before the encryption spreads to shared drives.
According to a report by Duo Security, medical organizations are far more likely to run outdated software than companies in other industries. Outdated software carries known vulnerabilities that new ransomware can exploit: WannaCry and Petya both spread through an SMB vulnerability for which Microsoft had published a patch (MS17-010) two months before the first outbreak. Healthcare providers must therefore automate their software updating process to reduce the risk of a breach. A reliable patch management solution keeps software current and closes the most common entry point for a ransomware attack on a hospital.
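To make the difference between signature matching and behavioural detection concrete, here is an added example (not code from the original article or from any product it mentions) of the kind of heuristic an endpoint agent applies: it watches file writes per account and raises an alert when many files in a short window are both renamed to a new extension and overwritten with high-entropy, encrypted-looking data. The event format, the sample events, the account names and the thresholds are all constructed for illustration.

```python
"""Behavioural detection of ransomware-like file activity.

Added example (not code from the original article): a signature-based
scanner misses a new variant, but the behaviour of rewriting many files
with encrypted-looking content in a short window is generic.  The event
format, the sample events and the thresholds are constructed for
illustration.
"""
import math
import random
from collections import Counter
from dataclasses import dataclass


@dataclass
class FileEvent:
    ts: float       # seconds since some epoch
    user: str       # account or process owner that wrote the file
    path: str       # path before the write
    new_path: str   # path after the write (differs when the file was renamed)
    data: bytes     # first bytes written, as an endpoint agent might sample


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: close to 8.0 for ciphertext, around 4 to 5 for text."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def extension(path: str) -> str:
    name = path.rsplit("/", 1)[-1]
    return name.rsplit(".", 1)[-1].lower() if "." in name else ""


def detect_ransomware_like(events, window_s=10.0, min_writes=20,
                           min_ratio=0.8, entropy_threshold=7.0):
    """Sliding window per user: alert when at least min_writes fall inside
    window_s seconds and most of them both changed extension and wrote
    high-entropy data.  Returns {user: {start, writes, renamed, high_entropy}}."""
    alerts = {}
    by_user = {}
    for e in sorted(events, key=lambda e: e.ts):
        by_user.setdefault(e.user, []).append(e)
    for user, evs in by_user.items():
        start = 0
        for end in range(len(evs)):
            while evs[end].ts - evs[start].ts > window_s:
                start += 1
            window = evs[start:end + 1]
            if len(window) < min_writes:
                continue
            renamed = sum(extension(e.new_path) != extension(e.path) for e in window)
            encrypted = sum(shannon_entropy(e.data) >= entropy_threshold for e in window)
            if renamed >= min_ratio * len(window) and encrypted >= min_ratio * len(window):
                alerts[user] = {"start": window[0].ts, "writes": len(window),
                                "renamed": renamed, "high_entropy": encrypted}
                break   # one alert per user is enough to trigger isolation
    return alerts


def sample_events():
    """Constructed sample: a clinician editing a few notes, and a process on
    workstation ws42 rewriting 30 documents as .locked with random bytes."""
    rng = random.Random(1)
    note = b"Patient seen for follow-up. BP 120/80, continue current plan.\n" * 20
    benign = [FileEvent(ts=i * 30.0, user="dr.lee",
                        path=f"/srv/charts/note{i}.docx",
                        new_path=f"/srv/charts/note{i}.docx", data=note)
              for i in range(5)]
    malicious = [FileEvent(ts=100.0 + i * 0.2, user="ws42-local",
                           path=f"/srv/charts/chart{i}.docx",
                           new_path=f"/srv/charts/chart{i}.docx.locked",
                           data=bytes(rng.getrandbits(8) for _ in range(4096)))
                 for i in range(30)]
    return benign + malicious


if __name__ == "__main__":
    print(detect_ransomware_like(sample_events()))
```

The thresholds are deliberately conservative: a clinician saving a handful of documents never reaches twenty writes in ten seconds, while an encryptor does so within the first few seconds and is flagged on the twentieth file, long before a whole share is lost. In a real deployment the same signals would feed a host-isolation action rather than a printed dictionary.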
Increase Security Awareness among Employees
All healthcare organizations are covered by HIPAA rules that include privacy and security requirements, so a high level of security awareness among medical staff is crucial. Do not hesitate to invest in training programmes for employees who have access to ePHI, and teach them to avoid the critical mistakes that lead to a breach, such as opening the attachment or link that delivers the ransomware. You can review the course outline example offered by the Department of Health and Human Services (HHS) as a start.
Ensure Regular Backups
Regular backups will allow healthcare providers to restore their data after a ransomware attack without paying. If your organization has a backup system in place, check the following:
How often backups are created.
How long it takes to restore all the data from a backup (measure it; do not assume).
Where the backups are stored, and whether that location is reachable with write access from the systems being backed up.
The required backup frequency depends on how much new data your organization produces. Determine an optimal schedule for your hospital, and remember that a backup sitting on a mapped network share or in a folder synced to the cloud can be encrypted along with everything else: keep at least one copy offline or on immutable, versioned storage that production credentials cannot overwrite, and verify the integrity of the backups regularly.
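The three checklist questions above can be answered by a script rather than by assumption. The following is an added example (not code from the original article) that backs up a small tree with a SHA-256 manifest, reports whether the newest backup is within the required age, verifies every file against the manifest, times a full test restore, and then shows what the same verification reports after ransomware has reached the backup location. The `data`/`manifest.json` layout, the timestamps and the sample files are constructed for illustration.

```python
"""Backup verification: freshness, integrity and a timed test restore.

Added example, not code from the original article.  It assumes a backup
set laid out as <dest>/data plus <dest>/manifest.json holding the backup
time and a SHA-256 per file; the layout, the age limit and the sample
files are constructed for illustration.
"""
import hashlib
import json
import shutil
import tempfile
import time
from pathlib import Path


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def write_backup(src: Path, dest: Path, now: float) -> None:
    """Copy the live tree into dest/data and record a hash manifest.
    In production the manifest (or at least its hash) belongs on a store
    the production network cannot write to, so ransomware cannot rewrite it."""
    shutil.copytree(src, dest / "data")
    files = {p.relative_to(src).as_posix(): sha256_file(p)
             for p in sorted(src.rglob("*")) if p.is_file()}
    (dest / "manifest.json").write_text(json.dumps({"created": now, "files": files}))


def verify_backup(dest: Path, max_age_s: float, now: float) -> dict:
    """Is the backup younger than max_age_s, and is every file still present
    and byte-for-byte what was written?  A file that ransomware encrypted in
    place shows up as corrupt; one it renamed shows up as missing."""
    manifest = json.loads((dest / "manifest.json").read_text())
    age = now - manifest["created"]
    report = {"age_s": age, "fresh": age <= max_age_s, "missing": [], "corrupt": []}
    for rel, digest in manifest["files"].items():
        p = dest / "data" / rel
        if not p.is_file():
            report["missing"].append(rel)
        elif sha256_file(p) != digest:
            report["corrupt"].append(rel)
    return report


def timed_restore(dest: Path, target: Path) -> float:
    """Restore into target, re-hash the result and return elapsed seconds.
    Run on a schedule, the measured time is the real recovery time, not
    the one written in the plan."""
    t0 = time.perf_counter()
    shutil.copytree(dest / "data", target)
    manifest = json.loads((dest / "manifest.json").read_text())
    bad = [rel for rel, digest in manifest["files"].items()
           if not (target / rel).is_file() or sha256_file(target / rel) != digest]
    if bad:
        raise RuntimeError(f"restore verification failed for {bad}")
    return time.perf_counter() - t0


def demo() -> dict:
    """Back up a constructed tree, verify, restore, then simulate ransomware
    reaching the backup location and verify again."""
    root = Path(tempfile.mkdtemp())
    src, backup, restore = root / "live", root / "backup", root / "restore"
    (src / "notes").mkdir(parents=True)
    (src / "notes" / "patient1.txt").write_text("BP 120/80, follow-up in 2 weeks\n")
    (src / "imaging.bin").write_bytes(bytes(range(256)) * 4)
    t_backup = 1_700_000_000.0          # constructed backup timestamp
    day = 86_400
    write_backup(src, backup, now=t_backup)
    results = {
        "clean": verify_backup(backup, max_age_s=day, now=t_backup + 3_600),
        "stale": verify_backup(backup, max_age_s=day, now=t_backup + 3 * day),
        "restore_seconds": timed_restore(backup, restore),
    }
    # Ransomware with write access to the backup share: one file encrypted
    # in place, one renamed with a new extension.
    (backup / "data" / "notes" / "patient1.txt").write_bytes(b"\x8f\x13\xa0\x77" * 8)
    (backup / "data" / "imaging.bin").rename(backup / "data" / "imaging.bin.locked")
    results["tampered"] = verify_backup(backup, max_age_s=day, now=t_backup + 3_600)
    shutil.rmtree(root)
    return results


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The point of the tampered run is that the verification catches the damage only because the manifest was written before the attacker arrived; if the manifest lives on the same writable share, the attacker can encrypt it too, which is why the manifest, like the backup itself, belongs somewhere production credentials cannot write.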
Ensure Proper Access Management
Limiting each employee's access to the absolute minimum needed for their job is key to digital protection. Access levels should depend on the specific requirements of a particular specialization and role; this is the principle of least privilege. The system must also keep an audit log recording who accessed which data, when, and from where. If an account is compromised, that log is what tells you the potential reach of the problem: which records the account touched, and therefore which patients' data must be treated as exposed.
Create a Recovery Plan
The HIPAA Security Rule requires a contingency plan, including data backup and disaster recovery procedures, for restoring important information when systems are damaged. One way or another, your plan must describe the measures to take if a ransomware attack occurs: which systems to isolate, whom to notify, and in what order to restore. A recovery plan should read like a strict to-do list that allows even inexperienced employees to restore data efficiently, and it should be rehearsed before it is needed.
Fending off ransomware is not beyond a hospital's reach. Following the recommendations above will help healthcare providers and their business associates protect patient health data and avoid severe financial losses; criminals have far fewer chances to steal, encrypt, or destroy your data when a reliable security system is in place and all of the measures above are implemented. Archer-Soft will gladly develop an effective security system for your healthcare organization and ensure strong protection against ransomware attacks. Feel free to contact us at firstname.lastname@example.org for more details. Let your business be protected with Archer-Soft!