Healthcare Ransomware
Ransomware is malicious software that encrypts or removes access to computer files until a
ransom payment is made. In an incredibly short amount of time ransomware has
grown from fringe cyber-attack to widespread epidemic. Researchers saw an
average of over 4,000 ransomware attacks per day in Q1 2016 – a stunning 300%
increase over the attacks they saw in 2015. An estimated $325 million in ransom
payments has been generated by just one type of ransomware alone, CryptoWall
3.02, and with the success of several high-profile attacks on hospitals,
criminals are increasingly targeting healthcare providers.And when attacks do
happen, the damage can be devastating. The loss of access to patient records
alone can result in critical services being suspended and communication
grinding to a halt.
Historically,
following most data breaches, cybercriminals put the sensitive user information
accumulated from the attack up for sale on the dark web. Depending upon the
type of personal information available, records sell for different amounts of
money, with healthcare records fetching more than a password, for example.
Ransomware, and more recently, ransomworms, take a different approach. Rather
than stealing your information and selling it to other malicious actors,
cybercriminals that conduct ransomware attacks steal your data by encrypting
it, and make their money by selling it back to you with a key for decryption.
Healthcare is at High Risk of Ransomware
The healthcare
sector is especially vulnerable to ransomware attacks due to its reliance on
electronically-stored files such as electronic health records, scans, and
connected devices to perform mandatory tasks. Not to mention remote medical
consultation and life saving devices such as infusion pumps and monitors
connected to the internal network. When faced with a ransomware attack, all of
the information, applications, and services provided by the network are
encrypted and rendered unusable. Without access to critical patient
information, doctors and hospital staff are unable to treat patients, bringing
operations and treatments to a halt and endangering lives.
Preventing Ransomware Attacks
Hospitals
and healthcare providers can avoid facing financial and reputational damage at
the hands of ransomware attacks by ensuring their security is up-to-date and
detection measures as well as by developing and maintaining good network
hygiene.Ransomware is typically proliferated through infected links or
attachments in emails, or, as with WannaCry and Petya, unpatched
vulnerabilities. These attack vectors can be mitigated with secure email
gateways and regular automatic security updates. In addition to protecting
the network perimeter with firewalls, network segmentation is key to
ensuring that if a breach occurs, it is isolated to one area of the network.
For the most comprehensive prevention and detection, Fortinet’s advanced
threat protection can be used to both block attacks and detect when an
intrusion has occurred to quicken response time.
Health care
organizations should use a holistic enterprise approach to implement their
security strategy. IBM developed a health care security immune system to address the major pain points in the
industry. Additionally, cognitive and augmented intelligence in the core of
each enterprise security system has become essential to transform defense
capabilities and help win the war on cybercrime.
Comments
Post a Comment