Healthcare hostage crisis: Avoid and survive ransomware attacks

May 9, 2016

conduentblogs

By Ken Bradberry

The healthcare industry is under attack. Not from politicians, reformers or mergers – but from cyberattacks. Over the past few months alone, “ransomware” attacks have locked the data and systems at dozens of hospital systems and providers.

The healthcare industry is a major target for hackers and criminals looking for clinical and financial information. Healthcare IT systems are perceived as “soft targets” that are easy to penetrate. Symantec’s 2016 Internet Security Threat Report confirms that healthcare organizations are at greater risk today than ever before. The groups that design and execute these breeches are not backroom, disjointed hackers: They are highly trained, organized experts who are focused on specific targets. In many cases, they are managed by foreign governments and terrorist organizations.

When Hollywood Presbyterian hospital discovered a ransomware attack, their data was completely unusable, which left the hospital and its patients at risk. The hospital leadership relented after 10 days and paid the $17,000 ransom in order to regain control of their data and networks.

That simple act emboldens the hackers who undoubtedly collected their bitcoins and moved on to the next vulnerable healthcare target. But the real motives for these attacks aren’t necessarily financial. Evidence suggests that these attackers are gathering human intelligence that could be used for future targeting.

Although it’s impossible to stay out the hacker’s crosshairs, it is possible to reduce the risk of your organization getting hijacked by these threats to privacy and security.

5 checkpoints that reduce the risk of #RansomWare attacks. http://ctt.ec/hpBLW+ #InfoSec

One of the best resources to reduce the risk of ransomware is to understand how hackers gain access to networks and data.

Social engineering, such as phishing, involves bogus emails that appear to come from legitimate businesses or resources. These notes induce end users to open attachments or hyperlinks that install malicious software on their computers. Hackers also exploit network and systems vulnerabilities that result from the staff’s general lack of monitoring and awareness of security threats.

These types of hacks don’t necessarily happen in one event, but potentially over a period of weeks, months and — in some cases — years. At Hollywood Presbyterian, investigators found several examples where IT leaders could have reduced their risk of attack and malware infection.

The number one preventative measure is education. Most of these attacks are invited by end users who unwittingly click on links in email and websites, or mishandle protected health information. A comprehensive security training program for the end-user can significantly reduce the social engineering risk.

IT infrastructures should be regularly penetration-tested, and networks and systems scanned for vulnerabilities. Security tools, like Intrusion Detection and Prevention systems, as well as End Point Security solutions, are essential lines of defense and should be part of your daily operations.

Complete and tested backups of all production data is essential. Ransom attackers are betting that your IT department doesn’t have an effective backup and recovery solution. In addition to backups, your team must be able to restore servers and network configurations; this is critical to maintaining control and ensuring alternatives in a ransom situation.

Disaster recovery and business continuity plan is a must-have for every healthcare organization. These plans are essential to maintaining operations and providing guidance in the event of a disaster or a loss of a critical service. Your plans must include the critical systems, recovery methods and contingencies so that your organization can respond to threats with confidence.

Report the event. If you fall victim to a ransomware event, don’t keep it private. Work with security vendors and trusted solution providers who can help you mitigate risk and gracefully navigate the event.

Healthcare is a very clearly target now and is slowly waking up to the fact that providers are grossly unprepared to prevent and survive a major cyberattack. Develop a plan, assess your infrastructure, educate staff and develop a complete testing approach. These checkpoints will help you reduce risk and empower your organization to defend against a growing threat.

Healthcare hostage crisis: Avoid and survive ransomware attacks

Digital transformation of government technology and services enhances constituent experiences

Digital payments: More than just convenient

Creating connections in California: Sharing good news about secure payments for citizens

Adopting digital payments to avoid the “road less traveled”

Four ways digital payments can streamline your financial operations

Earth Day 2023: Reflecting on investing in our planet

Honoring legacies by embracing equity

ConduentCares, India: Sustainability efforts for our environment and communities

Why updating OMB race and ethnicity data standards matters for health equity

Three key strategies for small to mid-sized healthcare payers in the Medicare Advantage market

When Reducing Costs, Cutting Customer Experience Isn’t the Answer

Driving Toward Sustainable Cities: Enhancing accessibility and optimizing passenger flows

For telcos, simplifying convergence is the best way to deliver customer service excellence

Policy, engagement, families take center stage at National Child Support Enforcement Association 2023 Policy Forum

Podcast: Getting Total Rewards Right in an Evolving HR and Benefits Environment

From Bare Minimum to Enthusiastic – Ways to Engage Your Workforce

Engagement and Enthusiasm at NCSEA Policy Forum 2023

Conduent Transportation helps expand campaign to aid and assist vulnerable members of the public

A Season for Children

New Experiences and Familiar Faces at WICSEC 2022