Healthcare was busier than ever the past year, and not just because of the pandemic. Ransomware campaigns against health care providers have increased in frequency and ferocity in record numbers since 2019. According to one US-based provider of threat protection services, the number of reported healthcare breaches was 599 in 2020, which represents a 55.1% spike compared to 2019. California's medical facilities were hardest hit, with the number of incidents totaling 49.
Ransomware is defined as an attack against a computer or a system that renders the devices either temporarily or permanently unusable or inaccessible until a ransom is paid. This is certainly not a new issue in cybersecurity, and it is not completely new to the healthcare sector. Hospitals and other providers had been slowly ramping up and building out infrastructure and systems to guard against cyberattacks when COVID hit. All of those efforts stopped entirely or were relegated to the back burner as patient care in the pandemic took on critical and often exclusive importance. Unfortunately, this created a target rich environment for hackers and cybercriminals, who focus on the healthcare sector because it has the two most important ingredients to any profitable ransomware attack: sensitive data worth protecting and a bank balance that can pay a hefty ransom.
Security breaches occuring in the healthcare sector are harder and more costly to recover from than in any other industry. The average cost per compromised user record (i.e., each patient whose data was compromised) was almost $500. When you consider that the recent ransomware attack at San Diego-based Scripps Health appears to have affected nearly 150,000 patients, the cost becomes clear. And that is apart from any ransom demanded/paid.
Going forward
Healthcare providers and institutions should continue to harden their defenses by establishing security protocols, reviewing the protocols regularly to ensure they protect against the latest and most current threats, and by educating employees on phishing scams that are often the first point of entry for any malware. This is one area where an ounce of prevention really is worth a pound of cure. But prevention is no longer enough. All organizations dealing with possible cyberattacks should have a response plan in place that can be quickly activated once a cyberattack is discovered. A readiness plan might include obtaining insurance against cyberattacks, maintaining secure off-site backups, and organizing a rapid response team best equipped to react to any cyberattack quickly.
Comments