According to a report by Comparitech, the healthcare field is attracting a lot of attention from cybercriminals; ransomware, in particular, has created chaos across the sector. In 2021 alone, there were more than 100 ransomware attacks that impacted around 2,300 healthcare organizations and some 20 million patient records. The 2022 report comes out later this year, but the forecast looks grim.
Estimates of the cost of these attacks are upwards of $8 billion, and that’s just in downtime. The average number of days of downtime was six, although some organizations were offline a lot longer. On top of this price tag were ransom payments ranging anywhere from $250,000 to $5 million, such as TriValley Primary Care’s payment of $250,000, Allergy Partners’ payment of $1.75 million, and UF Health Central Florida’s payment of $5 million.
It’s clear that medical organizations are being targeted by cybercriminals. While the sheer size of the attack surface can make it seem impossible to change, this doesn’t have to be the case.
The Harm of Ransomware in Healthcare
Ransomware is a dangerous form of malware for any organization. But for the medical sector, it is particularly harmful because patient health and privacy are at risk. An attack can disrupt key systems or even shut them down, leaving healthcare providers without access to patient data and medical records. In addition, the already high cost of medical care will only increase as organizations struggle to operate efficiently because of ransomware disruption and payouts.
The financial repercussions from regulatory agencies when healthcare organizations fail to secure their systems and a breach occurs can be severe. The Health Insurance Portability and Accountability Act (HIPAA) regulations stipulate security policies to protect patients from unauthorized access to health records and medical history. Failing to comply with HIPAA regulations can leave businesses facing fines of up to $1.5 million, in addition to any payouts related to a resulting breach.
Such attacks are becoming all too common: Scripps Health, a network of five hospitals and 19 outpatient clinics in California, was infiltrated by ransomware in 2021 at a cost of more than $100 million. Two of its hospitals lost access to electronic medical record systems and offsite servers, leaving several units unable to provide care and requiring patients to be diverted to other facilities. Though the initial access vector for the breach remains unverified, an internal email distributed after the attack noted that Scripps added multi-factor authentication processes for remote access and mobile devices and new security software on 98% of all Scripps devices. This suggests that access rights to high-value databases and assets were not protected by foundational cybersecurity controls.
Protecting Hospitals and Patients from Ransomware
Medical organizations can take steps to prevent the spread of ransomware by updating security policies and ensuring the burden of compliance isn’t left to busy healthcare workers. While doctors and nurses provide care to patients, organizations can rely on tools that consolidate vulnerability scanning, patch management, and compliance reporting to monitor and secure their environment.
In the case of Scripps Health, a unified security and endpoint management (USEM) solution with user- and device-based multifactor authentication controls and integration with existing IT infrastructure, such as Active Directory, could have enforced the security policies that restrict access to confidential records. With USEM, healthcare organizations could automatically verify that users had multifactor authentication set up and that their devices had up-to-date security controls in place before those users could gain access to critical data.
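The posture check described above, written out as an added example that is not Syxsense code or any product's API: a deny-by-default gate that checks group membership, MFA enrollment, device enrollment, patch age and required security agents before allowing access to a record system. The data shapes, the 30-day patch threshold, the required agent names and the sample user and device records are all constructed assumptions.

```python
# Added example: deny-by-default access gate for a sensitive resource.
# All thresholds, field names and sample records are hypothetical.
from dataclasses import dataclass
from datetime import date

MAX_PATCH_AGE_DAYS = 30                         # assumed policy threshold
REQUIRED_AGENTS = frozenset({"edr", "disk_encryption"})  # assumed controls


@dataclass(frozen=True)
class UserPosture:
    username: str
    mfa_enrolled: bool          # e.g. synced from the identity provider / AD
    groups: frozenset           # directory groups the user belongs to


@dataclass(frozen=True)
class DevicePosture:
    device_id: str
    managed: bool               # enrolled in endpoint management
    last_patched: date          # last successful patch cycle
    agents: frozenset           # security controls reported as running


def evaluate_access(user, device, resource_group, today):
    """Return (allowed, reasons).

    Every failed control is collected rather than stopping at the first one,
    so the help desk can tell the user exactly what to fix. Access is allowed
    only when the reasons list is empty.
    """
    reasons = []
    if resource_group not in user.groups:
        reasons.append("user not in authorized group " + resource_group)
    if not user.mfa_enrolled:
        reasons.append("MFA not enrolled")
    if not device.managed:
        reasons.append("device not enrolled in management")
    if (today - device.last_patched).days > MAX_PATCH_AGE_DAYS:
        reasons.append("patches older than %d days" % MAX_PATCH_AGE_DAYS)
    missing = REQUIRED_AGENTS - device.agents
    if missing:
        reasons.append("missing controls: " + ", ".join(sorted(missing)))
    return (not reasons, reasons)


# Constructed sample records for a stand-alone run.
TODAY = date(2022, 6, 1)
CLINICIAN = UserPosture("dr.lee", True, frozenset({"ehr-access"}))
CONTRACTOR = UserPosture("temp.contractor", False, frozenset({"ehr-access"}))
LAPTOP_OK = DevicePosture("LT-0001", True, date(2022, 5, 20), REQUIRED_AGENTS)
LAPTOP_STALE = DevicePosture("LT-0002", True, date(2022, 3, 1), frozenset({"edr"}))
```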
USEM solutions enable healthcare organizations to achieve and maintain compliance with regulations such as HIPAA, ensuring that patient data is protected, and healthcare organizations aren’t subject to the financial burden of fines and payouts.
Find out how Syxsense helps healthcare organizations identify, manage, and secure their endpoints. Schedule a demo today.