Blog

Code Red: Hospitals Are Facing a Major Ransomware Threat

Aug 31, 2021

Healthcare security As the U.S. healthcare system struggles to cope with the COVID-19 pandemic, it has been fighting another major battle – ransomware. Nearly half (48%) of hospitals, according to a new study , have had to disconnect their networks in the past six months because of ransomware.

Midsize hospitals are especially at risk, according to the study, Perspectives in Healthcare Security , conducted by Ipsos for CyberMDX and Philips. It found that while large hospitals reported an average shutdown of 6.2 hours at a cost of $21,500 per hour, midsize hospitals averaged nearly 10 hours at a cost of $45,700 per hour.

The study, which polled 130 IT and cybersecurity hospital executives, found that despite being in the crosshairs of ransomware attackers, hospitals are not prioritizing cybersecurity as much as they should. “More than 60% of hospital IT teams have ‘other’ spending priorities and less than 11% say cybersecurity is a high priority spend,” the study found.

Furthermore, inadequate protection against vulnerabilities such as WannaCry, NotPetya and BlueKeep is all too common. More than half of respondents (52%) said their hospitals have no protection against the Bluekeep vulnerability, and the number was higher for WannaCry (64%) and NotPetya (75%).

“With new threat vectors emerging every day, healthcare organizations are facing an unprecedented level of challenges to their security,” said CyberMDX CEO Azi Cohen. “Hospitals have a lot at stake — from revenue loss to reputational damage, and most importantly patient safety.”

A big problem for hospitals is lack of cybersecurity automation, the report says, noting “that 65% of IT teams in hospitals rely on manual methods for inventory calculations with 7% still in full manual mode. In addition, 15% of respondents from midsize hospitals and 13% from large hospitals admitted they have no way to determine the number of active or inactive devices within their networks.”

Attacks on the Rise

Ransomware has been a prominent story through 2021. Attacks increased by 93% in the first half of the year, compared to 2020, targeting various industries. An attack against the Colonial Pipeline in May caused fuel shortages and gas station lines harkening back to the 1970s.

According to ComputerWeekly , “the surge in attacks has been fuelled by the rise of the ‘triple extortion’ ransomware technique whereby attackers, in addition to stealing sensitive data from organizations and threatening to release it publicly unless a payment is made, are also targeting the organization’s customers, vendors or business partners.”

Preventative (Ransomware) Care

In addition to applying good cybersecurity practices, such as user training, risk assessments, frequent data backups and access restriction, healthcare organizations need to build strong teams with updated cybersecurity skills to build effective cyber defenses.

Although hospitals don’t necessarily need a large cybersecurity team, it’s essential to have qualified professionals on staff to improve the organization’s cybersecurity posture, protecting life-saving medical equipment and patient and employee data from ransomware. One way to ensure you have a cyber-forward-thinking professional onboard is to hire an HCISPP certified professional or support the career development of an existing staff member who wants to pursue the HCISPP. 

(ISC)² offers the HCISPP certification for the specific needs of cybersecurity professionals in healthcare and is the only certification that combines cybersecurity skills with privacy best practices and techniques. More information about (ISC)² certifications is available here .

In June, the (ISC)² blog dedicated a full week to ransomware awareness (#RansomwareWeek), posting a number of blogs about the topic. In addition, (ISC)² offered a course, “Ransomware: Identify, Protect, Detect, Recover ,” free of charge to the public through July 31, and more than 7,500 professionals took advantage of the opportunity. Keep checking our website for more information on ransomware developments and how to strengthen your defenses against this threat.