The Growing Threat of Ransomware on Healthcare
Digital Transformation is typically a gradual process of moving to more efficient and simplified digital processes, communications, and services. However, one of the largest accelerations of digital adoption occurred in the healthcare industry during Covid-19.
While healthcare professionals worked to treat patients, the IT departments worked to add new digital processes and workflows to support virtual patients. This effort led to the widespread adoption of telehealth services, improved patient portals, and new ways to engage with patients.
Alongside these gains in efficiency and patient experience, the changes bring new security concerns, which many IT organizations are still discovering and solving. To complicate the security problem, ransomware and other advanced attacks against healthcare organizations are multiplying.
Recent examples include ransomware attacks on Scripps Health in California, with 2 hospitals affected and $112.3 M in estimated damages, and on Universal Health Services, with 400 locations affected and $67 M in estimated damages.
Ransomware Attacks On Healthcare
“Hospitals’ systems were already fragile before the pandemic,” notes Josh Corman, head of the Cybersecurity and Infrastructure Security Agency (CISA) COVID-19 task force. “Then the ransomware attacks became more varied, more aggressive, and with higher payment demands.”
In 2020, the healthcare industry experienced a 45% increase in ransomware attacks (HealthITSecurity). This resulted in over 600 U.S. healthcare organizations and more than 18 million patient records affected in 2020.
On a patient level, hundreds of surgical patients were re-routed to other hospitals, and many were unable to receive care due to lockouts across technology systems.
Types of malicious activity that face Healthcare
- Phishing emails containing a malicious attachment
- Malicious links clicked on by a user or admin
- Viewing an advertisement containing malware (malvertising)
- Employees with elevated access privileges
How Threat Detection Solutions can Help
Due to the sensitive nature of healthcare data, the industry has a unique responsibility to protect information technology ecosystems.
Threat detection services can notify IT teams of when and where to look for abnormal file access or anomalous user behavior that warrants a closer look. Detection services can also provide valuable insight into the beginning phases of ransomware attacks, DDoS, etc.
Although there are many solution categories (SIEM, MDR, XDR, Threat Analytics), the idea is that outsourcing your threat detection to a fully dedicated 24×7 SOC with advanced threat detection capabilities will save the money spent hiring these scarce experts and the time spent chasing false-positive alerts.
What ThreatWatch Can Do for Healthcare
The ThreatWatch® Advanced Detection & Analytics solution enables healthcare organizations to stay compliant with many of the data compliance and storage requirements found in HIPAA, while also improving their data security and attack visibility.
Security On-Demand’s ThreatWatch solution identifies any malicious activity that could compromise the network and works with the healthcare company’s IT team to resolve the issue.
One of the areas that ThreatWatch helps the most is in detecting ransomware threats. ThreatWatch® has a unique advantage of finding the hidden threats in your data using Big Data Analytics, Artificial Intelligence models and Machine Learning to find threats early before they exploit your system. We find ransomware threats regularly in our customers’ networks.
To aid in compliance, Security On-Demand conducts regular third-party reviews, audits, and risk assessments and maintains multiple healthcare compliance certifications and accreditations, including HIPAA privacy, secure data back-ups, and more.
About Security On-Demand
Security On-Demand (SOD) provides full-spectrum threat management and advanced cyber threat detection and analytics services for hundreds of businesses and government agencies globally. SOD’s patented, behavioral-analytics ThreatWatch technology enables the detection of advanced threats to protect brand value and reduce the risk and mitigate the impact of a data breach. SOD is headquartered in San Diego, CA with international R&D offices and a Security Operation Center in Warsaw, Poland.