[Image: 092716_CTBLocker]
ATD Blog

How to Protect Your Healthcare Brand From a Ransomware Attack

Wednesday, September 28, 2016

This is the last image you ever want to see on your desktop. Unfortunately, this is usually just the beginning. 

Simply clicking a malicious link or file sent to you in an email can have disastrous consequences that start with this screenshot. A new Cisco report suggests that, despite efforts to improve cybersecurity at many organizations, ransomware remains one of the top threats to companies because their reliance on aging infrastructure and complex environments leaves them at risk. 

Why You Need to Be Aware 

Ransomware is a cash cow for cybercriminals and is becoming an area of concentrated focus. Once a cybercriminal hacks into a company's files and encrypts them, the victim company—if poorly prepared—has little recourse but to pay the ransom.  

What’s even more alarming is that cybercriminals know whom to target: hospitals. The healthcare industry is particularly at risk for cyber-attacks due to antiquated or misconfigured computer security systems and the amount of sensitive data they control. Right now these criminals target hospitals only to encrypt files (thereby making them unusable) and extract a ransom.  

This action, while painful and costly, doesn’t actually modify patient records or release them to the public. What it does do is completely shut down a hospital system and force it to turn to paper records—a nightmare scenario considering how far the industry has come to adopt an all-electronic healthcare environment. 


Role of Talent and Training 

The diverse workforce at most hospitals represents another ransomware vulnerability, because it often complicates cybersecurity awareness training. Doctors, nurses, and medical technicians, as well as professional staff including accountants and HR officials, all work in the same environment yet have very different roles and responsibilities. 

Breaches in these settings are most frequently perpetrated through spear phishing: emails sent to targeted employees carrying attachments with names such as "updated patient list," "billing codes," or other typical medical communications, which have a high likelihood of being opened without due diligence. 


What Should Companies Do? 

  1. Improve network hygiene. Upgrade aging infrastructure to limit vulnerabilities. Diversify your backup capabilities (cloud and physical). 
  2. Educate employees. You are only as strong as your weakest link. Humans factor into this equation, so educate them on good security practices and common attack methods, such as phishing attacks. 
  3. Have a plan. Plan for the worst, hope for the best. Just like fire drills, practice makes perfect. HITRUST’s CyberRX exercises are a good resource if you’re looking to run mock cyber drills with employees. 
  4. Don’t forget whom you are working for. Healthcare providers and staff work for the patients, and their health and safety comes first. Properly investing in healthcare security ensures that it is delivered across the continuum of care.  

If you do find yourself the victim of ransomware and facing a ransom demand, my advice is don’t pay. Unless access to the files is mission critical or backups are somehow corrupted, paying is hard to justify: each payment to cybercriminals perpetuates this unlawful business and ensures that others will also become victims. While some may think the cost of paying the ransom for a few encrypted computers is low compared with investing in the infrastructure necessary to protect against these attacks, try explaining that to patients whose quality of care has suffered as a result of a cyber-attack and see how your healthcare company’s brand is viewed afterwards. 

Want to learn more about the role of talent in cybersecurity in the field of healthcare? Join me November 13-14 in San Antonio at the ATD Healthcare Executive Summit.

About the Author

Carl A. Anderson, vice president at Van Scoyoc Associates, has spent more than 12 years in the federal government and on Capitol Hill. He specializes in communications and information technology, healthcare policy, cyber security, and energy policy. He served as a counsel on the House Committee on Energy and Commerce, tackling several high-profile investigations and examining the growing areas of cyber threats and cybersecurity. Carl previously served at the U.S. Department of Justice (DOJ) in the Office of Justice Programs, where he managed internal investigations and litigation and responded to congressional requests and investigations. He was also selected into the Attorney General’s Honors Program, served in the Civil Rights Division at the DOJ, and was appointed as a Special Assistant U.S. Attorney in the District of Columbia. Carl graduated from Virginia Tech with a BA in political science and received a JD from the Columbus School of Law at the Catholic University of America. He has been admitted to practice law in the District of Columbia.
