How IT and Security Management Is Protecting Healthcare Data

“Hello! We have 2 million records and we’ll publish them if they don’t pay. Each time, we’ll post more and more records at once.”

This was the message left behind by ransomware group Money Message after stealing 5.8 million PharMerica patients’ data.

It’s hard to believe we’re still dealing with people who think it’s okay to steal protected health information (PHI) and then demand a ransom in exchange for its return. Messages like that aren’t unusual for ransomware groups. They’re meant to be infuriating, and that’s very much on purpose.

Protected Health Information (PHI) is a precious commodity for them, and unfortunately, a tool for extortion. 

In the world of cyberattacks, there’s no such thing as a “one size fits all” solution.

Data Breach Hits Pharmacy Services in 50 States

50 states.

3,100 medical facilities.

4.7 TB of data exposed.

5,815,591 patients.

Attacks in the first half of 2023 have included:

  • 50,000 patients impacted at Rise Interactive Media & Analytics.
  • 11,000 patient records were spotted after Arizona Health Advantage employees couldn’t access some company servers.
  • Wentworth Health Partners Garrison Women’s Health (GWH) had a network outage that affected the IT infrastructure, applications, and electronic medical records.

While these are just a few of the attacks that have been reported, they represent a larger problem for an industry that is already struggling to maintain security standards.

As for GWH’s network outage—information was made inaccessible. And there were no backups available. While IT eventually restored radiology and ultrasound data and applications, as well as some electronic medical records, about nine months of medical records were lost in the attack due to file corruption.

What Kinds of Attacks Cause Outages and Hold PHI Hostage?

These attacks can be carried out in a variety of ways, but the most common types fall into three categories:

Malware — Malicious software designed to infiltrate and damage systems.

Phishing — Sending emails that appear to be from legitimate sources but are actually designed to trick recipients into providing their login credentials, bank account information, or credit card numbers.

Ransomware — A type of malware that encrypts files on your computer and holds them hostage unless you pay a ransom fee.

They can range from minor inconveniences to major disruptions that can cost millions.

Threat actors accessed and posted names, addresses, emails, birth dates, Social Security numbers, health insurance, diagnoses, and other private information.

But you can protect yourself by considering the foundational steps below.

What Actionable Steps Can I Take to Secure Healthcare Systems?

Now you know about the loss of patient records, how threat actors get inside, and how they disrupt day-to-day operations. But are you doing anything to protect yourself?

If you want to protect healthcare systems and records from cyberattacks, check out these five foundational security steps:

  1. Firewalls: There are a bunch of next-gen firewalls out there that work great for healthcare. Not only do they protect the perimeter, but they also give alerts, suggest ways to remediate, keep wireless networks safe, and are easy to manage.
  2. Cloud Backup: Secure backups are a must in your cybersecurity strategy. There are plenty of cloud-based tools to choose from that protect you from data loss, ransomware attacks, human bloopers, and hardware failures.
  3. Extended Detection and Response: Extended Detection and Response (XDR) is the next evolution of endpoint detection and response (EDR). It detects threats on endpoints, networks, and users. Triggers are built to automate threat identification and investigation.
  4. Security Awareness Training: Security awareness training solutions for healthcare personnel go beyond traditional methods. They incorporate simulated phishing attacks to assess susceptibility to phishing, provide training to identify various attack vectors, and even offer tools to promptly thwart phishing attempts.
  5. Unified Security and Endpoint Management (USEM): One console that has real-time endpoint, patch, vulnerability, and configuration management. Syxsense Enterprise is the ultimate USEM solution for healthcare, because it includes a powerful drag-and-drop workflow builder (Syxsense Cortex) that makes building complex workflows and remediation processes easier than ever before. Syxsense is proactive and gives you 24/7 control over what happens and where, for teams needing consistent, accurate, and quick results.

Trust is the cornerstone of any strong relationship, including the one you have with your patients’ data. It’s a symphony of security that protects them. Find out more about how Syxsense can help you by scheduling a demo today.