How much are you willing to pay to get your personal data back? How about hundreds and thousands of personal data records stored in your company? The impacts of the global pandemic have put the healthcare industry at the top of the list for ransomware threats. In fact, healthcare cyberattacks doubled in 2020, with 28% tied to ransomware.
And the truth is, ransomware is one of the most aggressive and damaging forms of cyber-attacks. Not to mention, the threat itself is very adaptable - it’s accessible, it evolves fast, and it scales well - a ransomware gang’s dream to access an abundance of easy money.
The prevalence of the rise in ransomware is well-documented:
In a Chainalysis Report, the study found a 311% increase, year over year, to the end of 2020 in the number of actual ransomware attacks.
Amidst this rise in ransomware, attackers are increasingly turning their focus to healthcare institutions. In an IBM X-Force report, Cyberattacks on healthcare more than doubled in 2020, with ransomware accounting for 28% of all attacks. So, despite the strong defenses that attackers would have to face, when life-or-death becomes leverage, the cost of a ransomware attack on healthcare institutions is more than just the demanded ransom amount.
Like many businesses, healthcare institutions were not prepared for a global pandemic. With scarce resources, coupled with intense pressure to treat the onslaught of sick patients, ransomware gangs saw a unique opportunity within the healthcare sector. Why?
Related Reading: The Rise of RaaS Gangs + What You Need to Know
According to IBM, nearly one in four of overall cyberattacks last year was ransomware. The increase in data extortion efforts enabled just one of these ransomware gangs, REvil, to make over $123 million in profits in 2020.
That said, determining the hard costs of a ransomware attack extends far beyond the ransom ask. The overall cost of an attack includes ransom cost + recovery cost + further HR costs for employees and patient care, as well as many other factors.
The effects can cause an immense profit loss along with long-term damage to a healthcare organization’s brand reputation. Knowing that healthcare institutions are a prime target for attackers, it’s important to take action before the threat is at your doorstep.
When making the case to stakeholders, it’s important to emphasize the risk of inaction and frame it in the context of the overall business. Start by outlining defining the stakes for your organization:
Once you define these risks, it’s important to then frame the benefits:
With ransomware on a continued rise in the healthcare industry and showing no signs of slowing down, healthcare providers and organizations have expanded the effort to stay protected through third-party tools and partners.
Because healthcare institutions, as well as the associated third-party tools and partners, have a massive digital footprint, safeguarding against ransomware is no easy task.
Mitigating ransomware starts with viewing the cybersecurity situation holistically. To build resilience, your organization must be prepared to continue operations and have a plan with critical elements to minimize the impact of a ransomware incident. Here are some of the best mitigation practices to implement, broken down into two categories:
In a 2016 survey by SentinelOne, 70% of respondents had to increase IT spending, 65% changed their cybersecurity strategies. 52% said they had lost faith in anti-virus solutions. And as we move into 2021, those percentages have only increased.
Related Reading: 5 Ways to Prevent Ransomware
54% of healthcare associates say their biggest problem is employee negligence in the handling of patient information according to a Ponemon study.
Related Reading: Threat Focus: What Is Ransomware-as-a-Service?
Being susceptible to ransomware threats is something that healthcare institutions can’t stop, but with the proper controls in place, you can minimize and manage the attack surface to stop most attacks before they start. There are no guarantees that every attack will be stopped, so it’s important to have a remediation plan in place for that worst-case scenario.
However, if this hits the fan, focus on mitigation prevention:
Ransomware gangs understand the current challenges faced by organizations facing work from anywhere challenges and a collapsed perimeter, and they view this as a segue into extorting data. The time it takes to detect, contain, and respond is very challenging in an unprepared company.
Having a higher level of visibility shines a spotlight on unauthorized users faster, allowing for enhanced containment and stronger, more timely incident response. Avertium’s team of industry experts can help you implement cutting-edge monitoring and detection technology (EDR) to meet the challenges of today, and prevent the threats of tomorrow.