By Harish Pai
In a devastating attack this May, ransomware hijacked the National Health Service in the United Kingdom, with staff getting locked out of their computers and hospitals being forced to send away patients and reroute ambulances. And this June, it was reported that US hospitals were hit by a global ransomware attack. In fact, 72% of all malware attacks on the health care sector last year were executed through ransomware.
So how do such crippling ransomware cyberattacks occur? Mainly by encrypting computer files and servers, or otherwise blocking access to them, until a demanded ransom is paid. And in today’s interconnected world, health care systems are especially vulnerable since their networks are rarely offline. Hackers looking for patient data on the cloud need only exploit a single vulnerability on a network to compromise millions of patient records. In addition, health care data are intensely personal and are accompanied by crucial financial information. With sensitive patient data at stake, ransomware attacks not only affect the reputations and finances of health care organizations but also risk lives.
How Can Health Care Organizations Bolster Their Defenses?
To prevent such ransomware attacks and soften their impact, health care organizations must ensure end-to-end encryption and security of their patients’ data on all devices, 24/7.
Simple first steps include ensuring that all systems are backed up. Keeping a “gold image” of systems and configurations can be critical to business continuity. In case of a malicious attack leading to a lockdown, hospitals would still have the data they need. This should be accompanied by regular patch management and updates.