Ransomware has a major impact. Especially, since encrypting and blocking access to sensitive data can shut down an organisation’s entire business operations, causing major financial damages.
According to IBM’s Cost of a Data Breach Report 2020, the average cost of ransomware attacks is about $4.44 million. Markedly, this is higher than the average cost of a traditional data breach ($3.86 million) or malicious breach ($4.27 million).
The impact of these attacks is greater for healthcare organisations dealing with a vast amount of highly sensitive data. Moreover, these need to remain current and accurate, as life or death decisions may depend on it.
Unsurprisingly, according to the US Healthcare Cybersecurity Market 2020 – Frost Radar Report more than 90% of all healthcare organisations reported at least one security breach. This was over the last three years in the United States.
Threat actors see healthcare providers as prime targets. This is because their systems (e.g., virtual care platforms, remote patient monitoring devices, diagnostic systems, and ICU ventilators) are crucial to patients’ wellbeing. Therefore, making them more likely to pay a ransom.
A good example is last year’s ransomware attack on Universal Health Services (UHS). UHS is a Pennsylvania-based healthcare provider operating about 400 facilities.
The ransomware attack forced the company to shut down its IT network at multiple hospitals across the country. As a result, needing to divert patients to other facilities. However, such actions can prove fatal. Specifically, as another security incident in Germany illustrates.
A female patient died after Düsseldorf University Clinic’s servers were encrypted. This resulted in her being relocated to a hospital 20 miles away.
Basic Steps to Increase Cyber Resilience
The following fundamental measures helps healthcare organisations minimise their exposure to ransomware attacks:
- Implement cybersecurity training to educate employees on how ransomware is being deployed. Additionally, teaching them how to recognise and avoid spear-phishing attacks.
- Regularly update anti-virus and anti-malware with the latest signatures and perform regular scans.
- Back-up data regularly to a non-connected environment. Moreover, verify the integrity of those backups.
The Power of Absolute
Beyond these generic preventive measures, organisations must pay special attention to the state of their endpoints. Importantly, those devices are often the launchpad from which ransomware spreads across the network.
Thus, it is essential to assure that all endpoints on a healthcare organisation’s network are healthy and that all applied security controls persist. Correspondingly, healthcare organisations can significantly reduce a threat actor’s attack surface and minimise the cyber risk exposure.
Additionally, Absolute helps healthcare organisations provide necessary visibility, defense, and response tools. These protect against and respond to ransomware attacks. Leveraging the power of Absolute technology, healthcare organisations can:
- Monitor for Unusual Activity: Absolute provides IT and security staff granular insights into all the endpoints on their network. This visibility allows for the identification of suspicious behavior on otherwise quiet devices or spikes in their connections.
- Control Endpoints from Anywhere: Absolute empowers IT and security staff to lock devices and restrict device network access. Ultimately, halting the spread of malicious software.
- Harden Existing Endpoint Security Controls: It is imperative to keep endpoint security software like anti-virus, anti-malware, VPN software, and/or disk encryption active and up to date on all devices. Absolute allows healthcare organisations to make their endpoint security controls resilient against software decay or malicious actions. This is done by self-healing these critical applications whenever needed. Accordingly, this keeps endpoints secure and compliant with an organisation’s security policies without constant intervention.
- Respond to Ransomware Attacks: Absolute helps orchestrate remote device actions via its Absolute Reach scripting, which is resilient to ransomware attacks. IT and security staff can also inform end users of the incident status and provide instructions while their devices are under attack.
Ultimately, selecting an endpoint resilience solution like Absolute is one of the most critical technology investments a healthcare organisation can make to minimise their cyber risk exposure. To check out more details, please visit Absolute’s healthcare solutions page.
By Torsten George Cybersecurity Evangelist at Absolute Software
Resources
Our Voice
CWSI named a 2021 Deloitte Best Managed Company of 2021
Our Voice
CWSI announced as one of Ireland’s Best Managed Companies
Our Voice