FluidOne Blog

How To Prevent The Rising Ransomware Attacks On Healthcare Organisations

Written by James Griffiths | 28/09/22 15:57

The number of ransomware attacks has risen sharply in recent years, in every industry, from hospitality firms to the energy sector. Ransomware has the potential to be devastating to any business, ruining their reputation, leaking their secrets, and costing them vast amounts of money, but it’s the healthcare sector that faces the greatest threat, as cyber attacks could leave lives hanging in the balance. Keep reading to learn what organisations can do to protect their data - and their patients.

What is Ransomware?

You may have heard of ransomware - it’s popping up in the news more and more regularly, but you’d be excused for not knowing exactly how it works. To put it simply, ransomware is a form of malicious software or malware. It’s used to encrypt a victim’s files or information and hold it for ransom. The victim will be given access to their files in exchange for money. There are many ways in which ransomware can infect a victim’s computer, smartphone, tablet, or any mobile device, but these three are the most common: through an email with a malicious attachment, by a user clicking on a link, or by the user unknowingly visiting a website that contains malware. Once ransomware is in your device, it can then spread to any device connected to the same network, and can quickly leave an entire organisation paralysed. The types of ransomware, as well as the ways in which cyber criminals use them, are constantly evolving, and there are ransomware gangs that will create new variants of ransomware and target specific organisations.

The Effects of Ransomware

The reason these kinds of attacks are so damaging to healthcare organisations is that even a few seconds of downtime could leave patients in danger, unable to receive the urgent care that they need. Unfortunately, it’s this same reason that means these organisations are a top target for ransomware gangs - they expect hospitals and other healthcare firms to be quick to pay. Here in the UK, the NHS is a regular victim of ransomware attacks - the biggest one was the WannaCry attack in 2017. It affected over 80 hospitals and 595 GP practices and led to thousands of appointments and operations being cancelled, with staff having to use pen and paper or their own laptops to do their work. In a review of the incident, William Smart, the Chief Information Officer for Health and Social Care at the time, wrote that, “The occurrence of cyber attacks across the UK economy is increasing so, in the judgement of most industry experts, it is not a question of ‘if’ but ‘when’ the next cyber-attack strikes the health and social care system.”

Health services all over the world are facing similar attacks. Last year, Ireland’s health service was hit by another ransomware attack - the gang behind it, Conti, demanded £14 million to decrypt their data. In the US, the Cybersecurity and Infrastructure Security Agency (CISA) pointed out in an advisory earlier this year that “cyber actors likely assume healthcare organisations are willing to pay ransoms because these organisations provide services that are critical to human life and health.”

It’s not just computers that could be vulnerable to attacks - there’s been a rise in the number of IoMT (Internet of Medical Things) devices in recent years. All of these, from hospital beds to insulin pumps, are connected to the internet, and although this makes them more efficient, it also makes them more vulnerable. And things are getting worse at the moment. According to Sophos’ recent study on the state of ransomware in healthcare, attacks are on the rise. The company surveyed 5,600 IT professionals from around the world, and found that 66% of healthcare organisations had been hit by ransomware over the past year. In 2020, that figure was just 34%. Sophos also found that healthcare was the sector most likely to pay - 61% of those who had their data encrypted admitted to paying up, which is no surprise given the costs of doing nothing. One reason it’s become so prevalent is the spread of ransomware-as-a-service, which has made it easier for people to get their hands on ransomware. Criminals can now pay to use software that’s already been created and target organisations without learning how to create ransomware first.

How to Prevent Ransomware Attacks

Just as cyber criminals’ tactics and techniques are evolving, so too are the methods of cyber security experts. Our expert cyber partners at Cyber Security Associates (CSA) have over 50 years of combined experience fighting off these kinds of attacks and helping organisations learn how to best defend themselves. Led by the former commander of the Ministry of Defence’s Cyber Defence Unit and the former lead cyber technical operator at GCHQ, CSA can help ensure your data is in safe hands.

Human error is a leading cause of cyber attacks - according to Verizon’s 2022 Data Breach Investigations Report, 82% of breaches involved a human element. To help reduce this, CSA offers training to help you and your employees improve your cyber hygiene. From courses and seminars to realistic cyber attack exercises, they’re the best way to prepare your company for a possible ransomware attack. Its 24/7 Security Operations Centre can also give your organisation round-the-clock protection from every kind of cyber threat out there, monitoring for threats and dealing with them quickly and safely - before they can cause any issues.

Ransomware gangs are increasingly focusing on healthcare organisations, and they don’t show any sign of stopping. With the amount of sensitive data these organisations have on their patients, it’s no surprise that they’re such a target, and they need to be stepping up their defences.

If you want to find out more about how FluidOne - and the dedicated cyber team at CSA - can help you with your cyber security, don’t hesitate to get in touch with us.