FAQ – The Ransomware Threat
Bad actors target healthcare.
A recent article in Healthcare Info Security discussed the disturbing trend of ransomware attacks joining—and in some cases, even surpassing—classical hacking attacks as major threat to healthcare operations.
The object of a ransomware attack is to cut off access to critical enterprise data by encrypting the information. After payment has been transferred to the attackers, decryption keys are provided to allow the enterprise to restore its data.
As our colleague Keith Fricke (LinkedIn) commented, even with a robust backup system in place and payment to the attackers, data may be lost.
Damaged or unrecoverable medical records may cause gaps in care, or lead to loss of systems integrity which has occasionally resulted in injury to patients—and even loss of life.
Far more likely is a significant business disruption, which may even force the healthcare organization to close due to loss of patient data integrity or reputation damage.
The evolving threat:
Identity theft has not been the traditional goal of ransomware attacks, meaning that the repercussions to the victimized healthcare organization’s clients have been limited to medical issues. But that has been changing as the threat evolves.
To force organizations to pay the ransom even if they have the means to recover their data, criminals have resorted to capturing the affected data and threatening to release it to the public or to identity thieves if no payment is made. This represents a serious escalation in risk to the organizations and their clients, making prevention a much higher priority than previously believed necessary.
In addition, as defensive measures have improved, attackers have sped up the timelines of their attacks to reduce their exposure to detection, and focused on nights and weekends when regular staff is not active.
In response, defensive measures must evolve to meet the escalating threat, including increasing the frequency of incremental backups and outsourcing monitoring of networks and systems to achieve 24-7-365 oversight.
Yes, the bad guys are watching you!
Hackers have always considered healthcare enterprises to be attractive “soft targets,” because many are smaller organizations that don’t make data security a priority or can only afford minimal protective measures, while simultaneously being custodians of highly valuable, sensitive personal data.
Fortunately, there’s help. Cybersecurity consulting and protective services like tw-Security can provide the highest level of protection at minimal costs.
We’d love to help keep you—and your clients—safe and protected.
This article was brought to you by tw-Security, LLC., a practice dedicated to helping healthcare organizations protect their information resources by creating and managing information security programs.