Cybercrime is on the rise, with hackers targeting businesses across the economy. The healthcare industry has been no exception. Already, several major ransomware attacks have struck hospitals and other healthcare organizations.
These attacks can render key resources, including patient records and payroll systems, inaccessible to staff, making high-quality care much harder to deliver.
How does ransomware affect healthcare?
Ransomware attacks on hospitals—which leverage malicious software capable of locking down important files and holding them for ransom—aren't new, but they've become a serious problem in the past few years.
The digital transformation of the healthcare industry, combined with COVID-era technology and policy changes, has provided significant benefits to healthcare workers. However, new technology and policies have also rendered providers more vulnerable to cyberattacks.
One recent victim of a ransomware attack was the University of Vermont (UVM) Medical Center. For nearly a month after the attack was first detected on October 28, 2020, healthcare staff were unable to use "electronic health records (EHRs), payroll programs, and other vital digital tools."
The medical center's staff lost easy access to much of the important information they needed to provide effective care—and didn't even know which patients were scheduled for appointments, leading to the rescheduling of important surgeries. Cancer patients at the center were also forced to look to other healthcare facilities for radiation treatment.
The center never paid a ransom to resolve the attack; instead, the IT department was able to "scrub" network systems of the virus and restore essential systems. However, this process took three weeks of 24/7 work by the IT team.
UVM Health Network Chief Medical Information Officer Doug Gentile says that the attack cost an estimated $50 million in revenue. Gentile, offering advice for hospitals, told the Association of American Medical Colleges that "if you don't have a very robust security profile, you're likely to get hit."
Why is healthcare targeted by ransomware?
The frequency of cyberattacks has increased every year for the past few years, peaking at an all-time high in 2021. Experts predict that the number of attacks is on track to rise again in 2022. At the same time, cyberattacks are also becoming more expensive for victims, both in terms of downtime and in the price of ransoms that hackers are demanding from their targets.
Data stored by healthcare organizations can be valuable to hackers, who may sell this information—along with other data—on the Dark Web. Healthcare organizations that are large and well-resourced are also good targets because they have money to spend on ransoms, as well as a reason to pay ransoms and minimize the downtime of important healthcare systems.
Healthcare organizations are likely to continue struggling with cybercrime well into the future. Without the right cybersecurity tools and practices, healthcare providers of all kinds may find themselves vulnerable to attack—and to losing access to essential healthcare systems and resources.
Preparing for hacks and ransomware attacks in healthcare
Successful hacks often target the organizations with the weakest security postures. Investment in cybersecurity basics and familiarity with cybersecurity risks can go a long way in protecting any healthcare organization from attack.
Most organizations will use a combination of training, policy, and resources to create the foundation for their cybersecurity strategy.
For example, training can help employees develop an awareness of common social engineering attacks, like phishing, that hackers may use against them while trying to break into their employer's network.
A cybersecurity policy can establish expectations and best practices for employees, including information on how they can safely use their organizational email or personal devices in the workplace. IT departments benefit from policies that help establish practices, like security update schedules, that can keep devices (and particularly IoT devices) secure.
An effective work-from-home policy can help to protect both remote workers and the organization. Secure travel policies provide similar benefits for employees who need to bring organizational equipment, such as laptops, with them while traveling.
The right cybersecurity tools and software can also make it much easier for IT departments to defend hospitals and other healthcare organizations against attack.
Antivirus software, firewalls, access control tools, and network activity monitoring software, for example, are all essential investments for businesses that want to protect their networks from cyberattacks.
Many IT departments also rely on cybersecurity platforms that provide a single point of orchestration for their collection of security solutions. With a single point of orchestration, the IT team can more easily view sensitive assets, visualize the network, and control important security tools.