Healthcare entities are often the target of ransomware attacks. Ransomware attacks occur when a hacker enters an organization’s network, encrypting or stealing sensitive data, demanding a sum of money for its return. In many instances, ransomware healthcare attacks need to be solved quickly, causing healthcare entities’ insurance companies to pay the ransom. Although this is helpful to the ransomware victim, it fuels ransomware healthcare attacks since hackers are almost guaranteed a payday.Â
When insurance companies pay ransom to hackers, many times it is cheaper than trying to recover files through other means. For instance, the city of Atlanta experienced a ransomware attack in which hackers encrypted files, making them inaccessible without a decryption key. They asked for $51,000 for the return of files, which the city refused to pay. Atlanta used alternative means for recovering lost data, paying $8.5 million to recover from the attack.
ProPublica, conducting an investigation into the ransomware healthcare epidemic, discovered that hackers may be targeting companies that have cyber insurance since it is more likely that their demands will be met. Paying ransom gives attackers the resources to perpetrate further attacks, thus fueling the ransomware healthcare epidemic.Â
Ransomware Healthcare Attacks: How to Protect Your Organization
With the prevalence of ransomware healthcare attacks, it is important to understand how to protect your organization. The Department of Health and Human Services (HHS) recommends that organizations working with protected health information (PHI) implement the following cybersecurity practices to help stave off ransomware attacks:
- Email protection systems
- Endpoint protection systems
- Access management
- Data protection and loss prevention
- Asset management
- Network management
- Vulnerability management
- Incident response
- Medical device security
- Cybersecurity policies
Implementing these ten cybersecurity practices limits the risk of experiencing a ransomware attack as most ransomware attacks occur by exploiting vulnerabilities. Knowing where your vulnerabilities are allows you to respond quickly to a breach, therefore limiting the scope of the breach. Quick detection of breaches drastically reduces the cost associated with a breach.