How the Pandemic and Accelerated Digital Priorities Raise HCOs’ Risk
Healthcare’s digital transformation was accelerated by the COVID-19 pandemic. Together, these two developments have increased the number of healthcare organizations (HCOs) hit by ransomware, making it the leading cause of healthcare data breaches in 2020 and year-to-date 2021. One survey found that 30 percent of HCOs faced a ransomware attack in 2020; a third of those paid the ransom, at an average of $1.3M, and recovered on average only 69 percent of their data.
Increased Ransomware Attacks: 2020 was hard for healthcare beyond the pandemic
The last quarter of 2019 had already seen an unprecedented number of ransomware incidents in the healthcare sector, but the pandemic, with its growth in virtual care, remote monitoring and other Internet-connected care, made healthcare more vulnerable and therefore a more attractive target.
- Six hundred clinics, hospitals and healthcare organizations were hit in 92 separate ransomware attacks
- 18 million patient records were affected – a 470% increase over 2019
- The total cost of these attacks, hard and soft costs combined, was roughly $21B, covering lawsuits, ransom payments, lost revenue and the cost of rebuilding lost data
- Late 2020 saw a further jump in ransomware attacks against healthcare: up 71% in October and another 45% from November to December
- Many ransomware criminal groups are also threatening to publish stolen data if the ransom isn’t paid
And because the Department of Health and Human Services (HHS) only publicly reports breaches affecting 500 or more individuals, breaches caused by ransomware are likely underreported.
Ransomware Attacks on Healthcare Go Beyond Payment to Patient Safety
Last year, a major Maryland hospital suffered a ransomware attack that cut off access to a range of IT systems; it took a month before the EHR was fully operational again. Then, in October, six more hospitals across the country were hit by ransomware within 24 hours, prompting the US Cybersecurity and Infrastructure Security Agency (CISA) to issue an advisory on the heightened ransomware risk to healthcare.
One of 2020’s worst ransomware attacks was the one on the University of Vermont Health Network. For more than a month it operated under EHR downtime procedures: the patient portal, the EHR and lab results were inaccessible across most care sites. The attack was so severe that Vermont’s governor deployed the Army National Guard’s cyber response team to assist with recovery. The attack is estimated to have cost UVM $1.5 million a day, around $63M in total.
Healthcare’s Transformation Has a Cybersecurity Cost
A 2020 survey found that 42 percent of healthcare CIOs and CTOs had accelerated IoT adoption because of the pandemic. As last year showed, the more digital technologies an HCO adds that depend on data exchange and network access, the larger the attack surface available to ransomware. And while ransomware accounts for half of healthcare data breaches, a number of areas within an HCO’s own control can tilt the risk back in its favor:
- Instituting sufficient incident response planning and testing
- Ensuring adequate and timely backups
- Improving network segmentation and access management, including identity and access management (IAM)
- Keeping anti-malware and anti-spam tooling current, along with proper configuration management
- Establishing effective patching processes
- Strengthening perimeter defenses and endpoint management
- Establishing a plan for legacy modernization and interim security
- Ongoing staff education and reminders to minimize ransomware entry points
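As an added illustration of the backup item in the list above (this is example code written for this page, not code from the original article or from any product it describes), the following Python script audits a directory of backup sets for the three properties that decide whether an HCO can recover without paying: recency against a recovery point objective, SHA-256 integrity of every file against the set's manifest, and the presence of at least one intact copy on immutable or offline storage. The `manifest.json` layout, the `immutable` flag and the sample backup sets are assumptions constructed for the example; the flag is self-asserted in the manifest, so in practice it should be derived from the storage system's own lock or air-gap status rather than trusted from a file that ransomware could also rewrite.

```python
"""Audit backup sets for ransomware-resilient restorability (added example).

Checks: recency (newest set within the RPO), integrity (every file matches the
SHA-256 in its manifest), isolation (an intact set exists on immutable storage).
The manifest format and sample data below are assumptions made for this example.
"""
import hashlib
import json
import os
import tempfile
import time
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

MANIFEST = "manifest.json"


@dataclass
class BackupSet:
    path: str
    created: float      # epoch seconds when the set was written
    immutable: bool     # self-asserted flag from the manifest (assumption; see lead-in)


@dataclass
class AuditResult:
    stale: bool
    corrupt_files: List[str] = field(default_factory=list)
    has_immutable_copy: bool = False

    def ok(self) -> bool:
        return not self.stale and not self.corrupt_files and self.has_immutable_copy


def sha256_file(path: str) -> str:
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_set(set_dir: str) -> Tuple[BackupSet, List[str]]:
    """Return the set plus the names of files that are missing or whose hash differs."""
    with open(os.path.join(set_dir, MANIFEST)) as f:
        m = json.load(f)
    bs = BackupSet(set_dir, float(m["created"]), bool(m.get("immutable", False)))
    bad = []
    for name, expected in m["files"].items():
        p = os.path.join(set_dir, name)
        if not os.path.isfile(p) or sha256_file(p) != expected:
            bad.append(name)
    return bs, bad


def audit(root: str, max_age_seconds: float, now: Optional[float] = None) -> AuditResult:
    now = time.time() if now is None else now
    sets = []
    for entry in sorted(os.listdir(root)):
        d = os.path.join(root, entry)
        if os.path.isfile(os.path.join(d, MANIFEST)):
            sets.append(verify_set(d))
    if not sets:
        return AuditResult(stale=True)
    newest = max(bs.created for bs, _ in sets)
    corrupt = [f"{os.path.basename(bs.path)}/{n}" for bs, bad in sets for n in bad]
    # An immutable copy only counts if it also passes the integrity check.
    isolated = any(bs.immutable and not bad for bs, bad in sets)
    return AuditResult(now - newest > max_age_seconds, corrupt, isolated)


def write_backup_set(root, name, files, created, immutable):
    """Helper that only exists to build the constructed sample data."""
    d = os.path.join(root, name)
    os.makedirs(d)
    manifest = {"created": created, "immutable": immutable, "files": {}}
    for fname, data in files.items():
        with open(os.path.join(d, fname), "wb") as f:
            f.write(data)
        manifest["files"][fname] = hashlib.sha256(data).hexdigest()
    with open(os.path.join(d, MANIFEST), "w") as f:
        json.dump(manifest, f)
    return d


def demo() -> AuditResult:
    """Constructed scenario: a fresh online backup that ransomware reached,
    plus a day-old immutable copy that is intact."""
    root = tempfile.mkdtemp(prefix="backup-audit-")
    now = 1_700_000_000.0
    write_backup_set(root, "2023-11-14-online",
                     {"ehr.db": b"patient records v2", "lab.csv": b"id,result\n"},
                     created=now - 3600, immutable=False)
    # Simulate ransomware overwriting a file on the reachable share after the manifest was written.
    with open(os.path.join(root, "2023-11-14-online", "ehr.db"), "wb") as f:
        f.write(b"\x00ENCRYPTED\x00")
    write_backup_set(root, "2023-11-13-immutable",
                     {"ehr.db": b"patient records v1", "lab.csv": b"id,result\n"},
                     created=now - 90_000, immutable=True)
    return audit(root, max_age_seconds=24 * 3600, now=now)


if __name__ == "__main__":
    r = demo()
    print(r, "OK" if r.ok() else "ACTION REQUIRED")
```

Run as a script, the constructed scenario shows the trap behind the 69 percent recovery figure: the newest backup is fresh but has been tampered with, so only the older immutable copy is actually restorable, and the audit reports the set as not OK until the online copy is refreshed from a clean source.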
What Is Your Healthcare Organization’s Ransomware Risk?
We can not only quantify your ransomware risk but also provide a prioritized roadmap of the security steps that will most improve your defenses, while taking a security-first approach to innovation and digital transformation initiatives.