Ransomware is Costing the Healthcare Industry Big Bucks

Ransomware is a threat to every industry and companies of all sizes. According to Trend Micro, attacks have spiked 77% in the first half of 2019.

But one industry that seems to be hit particularly hard by ransomware attacks is the healthcare industry. It consistently shows up at the top of the list of industry targets.

Why is healthcare targeted so often?

It comes down to the data and the urgency of needing that data. For hospitals, doctor’s offices, and others in the healthcare industry, having access to patient records as fast as possible can be life or death.

Hackers understand that data access is particularly sensitive when it comes to healthcare. So they calculate that this industry will be more willing to pay the ransom and pay it faster than others.

88% of all ransomware attacks target the healthcare industry.

Unfortunately, not all healthcare systems have strong data security solutions in place, which can leave them open to these types of attacks.

What Happens During a Ransomware Attack?

Ransomware is a very specific type of malware that encrypts (or otherwise makes unreadable) the attacked network’s data. This leaves the organization scrambling for a solution as they can’t access any of their files.

A malicious link in a phishing email is a common way to deliver malware. Ransomware can also infect a device through an unpatched vulnerability (for example, when a security update wasn’t applied) or when a user clicks a malicious website link.

Once the ransomware takes effect, the victim will typically receive a demand for a ransom to be paid in order to regain access to their files. How much is this typically? We’ll go through some real-world examples in the healthcare industry shortly.

If the victim does not have a backup in place that allows them to recover their data, they’re often left having to trust the attacker, pay the ransom and hope that they actually decrypt the files as they promised.

Ransomware attacks completely immobilize an organization and can have lasting negative impacts, like loss of customer trust, for years to come.

Examples of Healthcare Ransomware Attacks

You don’t have to look very far to find multiple examples of hospitals and healthcare organizations that have become unfortunate victims of ransomware attacks. Here are a few examples.

Alabama Hospitals Have to Divert Patients

In October of 2019, three Alabama hospitals in the DCH Health System were hit by a ransomware attack and had to begin diverting patients to other hospitals until they could get their critical systems up and running again. 

While they did not divulge how much they paid, DCH did end up paying the ransom and receiving the decryption key. They had several days of IT work to do after that to restore all critical and non-critical computer systems so they could begin receiving patients again.

Fatal Heart Attack Increase Tied to Hospital Ransomware Attacks

One of the most famous ransomware attacks on a healthcare network was WannaCry, which impacted about a third of the U.K. National Health Service (NHS) hospitals and 8% of general practitioners.

The hospitals ended up paying nearly 100 million pounds ($129 million USD) to the attackers to regain access to their files. 

A study of this attack suggests that the unavailability of vital health services due to the attack contributed to an uptick in fatal heart attacks.

“Internal Emergency” Hits California Hospital

Hollywood Presbyterian Medical Center in Los Angeles, CA was hit by a ransomware attack in February of 2019. They ended up declaring an “internal emergency” and opted to pay the attackers about $17,000 in bitcoins to regain their files.

Why did they choose to pay the ransom? The hospital’s CEO Allen Stefanek stated, “The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key. In the best interest of restoring normal operations, we did this.”

Backups Keep Hospital from Having to Pay a Ransom

When Lukas Hospital in Neuss, Germany was hit by a ransomware attack on February 11, 2019, they were ready. They had complete backups that allowed them to wipe and clean infected systems, then restore their data. They also noted that their patient data was always kept encrypted, which lessened the chance it could be breached.

They did take their systems offline during the process, which meant rescheduling about 20 percent of their surgeries. But their data backup saved them from suffering a much more costly incident.

Best Practices to Safeguard Against a Data Breach

The German hospital in the examples above did the right things to help them stay protected. Using cybersecurity best practices can help keep you from becoming a victim of ransomware or another type of data breach.

These best practices include:

  • Having a full and recent backup of all your data that is easily recoverable
  • Putting safeguards in place, like encryption, to protect sensitive data
  • Using industry standards like firewalls, anti-phishing software, and anti-malware applications
  • Conducting regular employee training on cybersecurity
  • Good password management and use of two-factor authentication
  • Using a managed IT service that will monitor systems continuously and handle update and patch management

Can You Withstand a Ransomware Attack?

How strong is your cybersecurity strategy? Could you withstand a ransomware attack if one happened today? If you’re unsure, RCOR can help you find out! We’ll do a full security assessment and let you know where you stand.

Schedule a free consultation today by calling 919-263-5570 or reaching out online.
