OX IT Solutions

View Original

How serious is the threat of ransomware in the healthcare industry?

In the first half of 2022 there were 236.1 million ransomware attacks worldwide, according to Statista.

Just like in so many other industries, the threat level of ransomware in healthcare has skyrocketed. With so much personal data at stake, healthcare has become an obvious target for cybercriminals.

In our latest blog we explore how the ransomware threat profile in healthcare has changed over time and how to mitigate the risk of an attack.

What is ransomware?

Ransomware is a software that specialises in extortion. It takes over your device, blocks you from accessing your data and demands a ransom for its release. Common infection vectors include email and SMS phishing scams and exploitation of the Remote Desktop Protocol.

For some, paying the ransom may appear to be the cheapest and easiest option. However, nearly 40% of victims who pay the ransom never get their data back and 73% are targeted again in the future.

According to Acronis the biggest Ransomware gangs are:

  1. Lockbit

  2. Conti

  3. Pysa

  4. Grief

  5. Hive

  6. CIOP

  7. Marketo

  8. Everest

  9. LV

  10. Revil

READ MORE: Everything you need to know about phishing attacks

The state of ransomware in healthcare

Ransomware has existed in the cybercriminal world for many years, but it first captured the worlds attention in 2017 during the WannaCry outbreak.

Nearly a quarter of a million computers in 150 different countries were targeted demanding bitcoin as ransom payment.

Total damages from this attack are estimated to have reached into the billions. It was the largest ransomware attack ever and affected organisations and businesses from all industries.

The NHS was one of those targeted organisations – over 60 trusts were ultimately affected. For several days the NHS was brought to a complete standstill which led to the cancellation of thousands of operations and appointments and emergency relocation of patients. Due to the network breach, staff had to resort to writing notes by hand and using personal, uninfected devices.

In 2021 the Health Service Executive of Ireland was the target of another major ransomware attack. Cyber criminals from the group Wizard Spider used Conti ransomware to shut down all IT systems nationwide. This was the largest known attack on a health service IT system and the most significant attack on an Irish state agency.

HSE revealed that the medical information of 520 patients and a large amount of corporate data was leaked online because of the breach. Four months after the initial attack, only 95% of servers and devices had been restored.

The latest attack on a healthcare organisation came in August this year when Advanced, a software supplier to the NHS, was targeted. This ransomware attack caused widespread outages across the NHS including emergency dispatch, patient referrals, emergency prescriptions and out of hours bookings.

Advanced, the MSP targeted, provides software to more than 22,000 customers worldwide across a range of sectors from healthcare and education to non-profits.

The National Crime Agency and National Cyber Security Centre are still investigating the attack, but fears are that the cybercriminals were looking to extort patient data.

Is healthcare a common target for cyber criminals?

In the healthcare industry devices are everywhere so it’s easy to see why it is a target for cyber criminals. Technological advances mean healthcare professionals now have access to live data and patient histories at their fingertips. However, this comes at a cost. An increase in use of personal devices and the huge number of endpoints exposes clear vulnerabilities to hackers.

During the COVID-19 pandemic, there seemed to be a universal consensus that healthcare organisations should not be targeted. So much so that the ransomware gang Maze publicly stated they would not go after medical targets. However, this grace period has clearly come to an end as demonstrated by the HSE and NHS attacks.

According to Kroll, the number of cyberattacks on healthcare organisations rose by 90% between April and June compared to the beginning of 2022.

Can ransomware attacks be prevented?

There is no denying ransomware is one of the most costly and destructive forms of malware. Luckily there are ways to protect against it:

  • Back up data regularly – even if a breach does occur your data will not be lost forever.

  • Prevent malware from being delivered – implementing advanced email security and web filtering should reduce the risk of malware infecting your systems in the first place.

  • Employ a zero-trust stance and improve staff awareness – if the sender is unknown, recipients should avoid opening attachments.

  • Disable Remote Desktop Protocol unless strictly necessary.

  • Keep all systems up to date – hackers look to exploit vulnerabilities in old software.

  • Install complete endpoint protection – monitor threats in real time and prevent breaches in advance.

Speak to one of the friendly OX IT Solutions team today to find out how we can secure your business or organisation from all kinds of malware threats.

Call us on 01865 594930 or send us an email: sales@oxitsolutions.co.uk

To receive all our latest updates follow us on LinkedIn, Facebook and Twitter.