In recent years we have been seeing a surge of cyberattacks in all industries, but one specifically is really feeling the heat. Due to the sensitive nature of their work, the healthcare industry is particularly susceptible to cyberattacks like ransomware. Ransomware is a form of malicious software that locks users out of their data and threatens to destroy the data if a ransom is not paid. Cybercriminals can not only make a profit by forcing a provider to pay for important files to be decrypted, but they stand to gain a political or socioeconomic upper hand by tarnishing the reputation of certain health organizations.
On May 12th the world watched as a ransomware attack known as WannaCry spread with haste across at least 150 countries. Among those affected was The National Health Service in England and Scotland who quickly gained the unwanted attention from being one of WannaCry’s most impacted organizations. The attack critically disrupted the health system’s operations. Hospital staff from 48 different facilities were unable to access patient data and some even had to reschedule surgeries.
Many ransomware attacks are initiated by email phishing scams, making employee education surrounding cybersecurity critical, however, this should be one of many steps a healthcare organization takes to combating cybercrime.
What often happens, and what we saw with the WannaCry virus, is that old machines and outdated software are leaving healthcare organizations vulnerable. This is why it is in the best interest for healthcare organizations to partner with a team of IT professionals who will assess the current state of infrastructure and find vulnerabilities as well as keep up with software updates.
What’s more, they will devise a business continuity and disaster recovery plan that works for your organization. While preventing a breach altogether is ideal, it’s also important to have a plan of action in the case of a breach. Teaming up with IT professionals will ensure that your files are regularly backed up, which is in fact the only way to deem a ransomware attack powerless and negate the need to pay.
For over 20 years Crossroads has been assisting healthcare organizations in developing their own cybersecurity plans. For more information on how we can assist your organization, contact us using the form below.