Providers, Beware: Ransomware Attacks in the Healthcare Industry

Ransomware attacks continue to plague the healthcare industry at a heightened pace, with attacks increasing in severity— and mortality rates.

As hospitals and providers contend with staffing shortages and remote work environments, which stretch enterprise firewall boundaries and the attack surface, a proactive response strategy could be the difference between life and death.

Ransomware Attacks Turn Fatal

Ransomware attacks can shut down networks and critical IT systems, leave hospital staff dependent on paper charts and inefficient communication methods, and delay procedures and tests. In fact, 22 percent of IT and cybersecurity leaders at healthcare organizations report increased mortality rates resulting from ransomware attacks.

A ransomware attack on an Alabama hospital in 2019 allegedly resulted in one of the first deaths from a cyberattack. After being hit, the Springhill Medical Center immediately shut down its operations and refused to pay the ransom. Hospital staff could not access electronic health record (EHR) systems and resorted to communicating via text message. Nurses at the front desk were cut off from fetal heartbeat monitors in the delivery rooms. Eight days into the attack, with fewer eyes on the monitors, a baby was born with the umbilical cord wrapped around her neck and severe brain damage, which lawyers argue caused her death nine months later.

Best Practices to Prevent Ransomware Attacks

No organization will ever be immune to ransomware attacks. But, having the right security measures in place can significantly reduce the impact of an attack— and prevent truly dire consequences, like patient deaths.

With the stakes only rising for healthcare providers, IT leaders must implement tools, technologies, and processes to prevent, detect, respond to, and recover from ransomware and other cyber attacks. They must also communicate security requirements and the importance of these investments to the rest of the C-suite.

Best practices for preventing ransomware attacks and improving cyber resilience include:

  • Engaging a third party to perform periodic ransomware readiness assessments and vulnerability testing.
  • Implementing secure, reliable data and system backup solutions. Backups should be immutable and replicated to offsite locations and the cloud.
  • Timely applying security patches to firmware and software.
  • Training employees to spot phishing emails, suspicious attachments, and smishing texts. Training should be annual, if not more frequent, with periodic security reminders sent via email throughout the year. Organizations should test the effectiveness of their training programs via phishing and smishing simulations.
  • Validating the configurations of firewalls and VPN solutions. A secure VPN is more important than ever for organizations with remote and hybrid work environments.

To learn how your organization can strengthen its ransomware defenses, contact Securance today.