In fact, over 97% of healthcare organizations admit that, if healthcare records went encrypted and there was no alternative to getting data back, they’d go all in to pay ransoms for encrypted files—including critical or sensitive data.
While most organizations won’t pay a ransom (ransoms range between a couple thousand and a MILLION dollars), recent investigations into healthcare cyberattacks have shown many willing to shell out as much as needed to recover their data and systems.
Why are some healthcare providers, including hospitals, willing to pay criminals?
No backups of their data—while the majority of hospitals have backups of their networks, they either store those backups onsite, where a ransomware virus could easily crawl the backup and encrypt it, or where the backup would remain offline in the event of a major disaster. Successful hospital security makes sure that backups are stored off site and are regularly tested to make recovery in the event of an attack or outage a piece of cake. If you are working with Healthcurity, rest assured, we’ve got this covered!
No support from EHR vendors—thinking your EHR vendor will come to your rescue to restore data in the event of a cyberattack? Think again! Most EHR vendors are not willing or not able to provide data restores to clients in the event of a local system failure (such as a ransomware attack at your hospital). It is solely up to you and your IT staff to figure out how to recover your encrypted files.
No or failing disaster recovery plan—another common weakness in hospital IT Security is no real tested recovery plan. Do you have a list of ALL of your vendors handy with contact information and who in your organization is responsible for restoring services in the event of a disaster? Who are the people at your hospital that will orchestrate command central if something happens to your network and you have to restore your system? Having a working recovery plan that is at least tested annually is essential to making sure your hospital won’t have to turn away patients in the event of an outage or ransomware attack.
Many organizations are learning from their mistakes. In fact, many hospitals that we end up recovering from ransomware infections learn to ask questions about their backups and make sure their backup solution will work in case of an outage or heaven forbid, another cyberattack.
While the majority of hospitals DO take backups of their system regularly, the majority (in our survey of ransomware vulnerability assessments from this past year, 78% failed to have backups that were working and tested off network. That means that in the event that a ransom attack hit a hospital, the likelihood that you would fall into the category of not having any other choice than paying a ransom is pretty high!
More food for thought?
Ransomware attacks are becoming more and more sophisticated. While cybercriminals are learning new ways to break into networks—through user end points, unpatched software and operating systems, and other back doors—most cyberattacks are preventable.
What’s the easiest way to make sure your hospital network is safe?
Continual testing and training. There’s no way to beat around the bush here. The best way to keep your network safe is to have (1) a team of security-focused IT professionals with proven track records to alleviate cybersecurity risks and (2) keep ALL of your users informed on how to avoid opening the door to cyberattacks. Consider a free ransomware vulnerability assessment to start identifying where your hospital can improve.
How can your hospital prevent ransomware attacks?
Maintain an updated network— I might be a broken record, but I’d rather continue to warn you to take action than to say everything is okay ‘as-is’. The majority of our ransomware assessments expose serious vulnerabilities in hospital networks stemming from not having updated operating systems with latest security patches. In some instances, hospitals were running outdated software on their servers that hadn’t been updated in years! If you think about Microsoft’s increased vigilance on releasing security patches at least once a month, some hospitals are missing hundreds of patches—that means hundreds of different ways a criminal could find access to your network!
Make sure your systems are recoverable— as I mentioned above, most hospitals—if they have a disaster recovery plan—do not test their IT systems to ensure they know how to recover their digital data. This is a major concern, given that the majority of data used in all aspects of hospitals—from medical records, billing, radiology and actual patient care—are all electronic. If your system goes offline, will you be able to easily reconnect to your EHR? In many cases, it’s not a very easy task!
Keep everyone in the loop— with changing cybersecurity landscapes—especially targeted at healthcare organizations, is everyone on your team on the same page of how cybercriminals are targeting hospitals? If your team doesn’t get updated information and training on how to recognize phishing scams or what to do to make sure your network is kept safe, they may unknowingly open the door to severe cyberattacks.
Are you certain you’re prepared for growing ransomware attacks?
Contact Us TODAY for a free ransomware vulnerability assessment.
