The Invisible Healthcare Threat You Didn’t Know About


As an industry, we have been consumed and devastated by the ongoing impact of the COVID-19 pandemic.

For months, oversaturated healthcare systems were pushed to their breaking points, in dire need of personal protective equipment (PPE). Still, some smaller buyers report struggling to maintain ample supply as we face a surge in cases. But as we battle one threat, another is silently lurking. If ransomware attacks aren’t on your radar, you need to consider the massive toll these cyber threats can take on your system’s financial health and reputation.

Did you know that just a few weeks ago, New York-based St. Lawrence Health System’s computer network was shut down after a ransomware attack?

The three-hospital health system with locations in Canton-Potsdam, Massena and Gouverneur discovered a new variant of Ryuk ransomware within hours of the initial attack and acted quickly to disconnect its IT systems. If you’re not already familiar, ransomware is malware that locks up a system’s computers and data until a ransom is paid. The New York Health Department acknowledged the attack and has been in communication with the health system. Late last month, Sky Lakes Medical Center in Klamath Falls, Oregon, was also hit. Both providers maintain there’s no evidence patient information was compromised, but troubling data suggests this trend is a growing threat that isn’t going away. In 2020 alone, a total of 59 U.S. health care providers or systems have been impacted by ransomware, disrupting patient care at up to 510 facilities, according to Brett Callow, an analyst at the cybersecurity firm Emsisoft. In a joint alert, the FBI and two federal agencies said they had credible information of “an increased and imminent cybercrime threat” to U.S. health care providers. The alert said malicious groups are targeting the sector with attacks aiming for “data theft and disruption of healthcare services.”

The reality is, our healthcare systems have more data than ever before, but providing protection for that data is often an afterthought.

Internet-enabled medical devices are fantastic tools to increase speed and efficiency, but many are poorly secured and come with additional risks. As patient records become more digitized and people depend on telehealth services, healthcare providers need to protect sensitive data. On average, the cost to recover from these attacks – without paying the ransom – totals more than $732,520 in the US, which includes business downtime, lost data, operational costs, device costs, and other expenses. But when organizations paid the ransom, the recovery costs nearly doubled to $1.4 million. So you can’t afford to just hope it doesn’t happen to you. What steps can your team take now to proactively protect your system? Kevin Coleman, executive director of the National Cyber Security Alliance, recently suggested implementing the following best practices:

  • effective security policies
  • training road maps for IT teams
  • integration of proactive cybersecurity education

“It’s essential for facilities to regularly create backups of critical systems and files, and to house those offline from the network. Healthcare and public health facilities should also be vigilant about upgrading and updating their legacy hardware and software; ensuring that all connected devices and applications have multi-factor authentication enabled; and that employees know how to identify and avoid malicious email links and attachments,” said Coleman.

We understand that for an industry already under immense pressure, adding this concern to your plate may trigger more stress. As always, if you have specific questions about strengthening your organization, please reach out to a dedicated RBT team member to schedule a consultation.