Disruptive, audacious and heartless. These are a few words that only begin to describe the recent news of cybercriminals unleashing extortion attempts to purposefully target the U.S. healthcare system. In November, federal agencies alerted the public that they had, “credible information of increased and imminent cybercrime threat to U.S. hospitals and healthcare providers,” with attacks designed to lock up hospital information systems and impact critical patient care—no less during a time of spiked nationwide COVID-19 cases.
The warning was issued by the Federal Bureau of Investigation (FBI) along with two federal agencies, The Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Department of Health and Human Services (HHS). These cyberattacks involve sophisticated crypto-ransomware, notably Ryuk and Conti, which infect healthcare systems for financial gain—the threat is believed to be on a scale the U.S. has never seen. And with nearly three-quarters of healthcare system, hospitals and physician organizations reporting that their infrastructures are unprepared to respond to attacks, this is a threat that leaves us all vulnerable if we do not take immediate action.
The rise of Ryuk
The threat of ransomware attacks is nothing new. A global survey found a 50% increase in the daily average number of ransomware attacks in Q3 of 2020, compared to the first half of the year.1 Ryuk attacks are the most common impacting roughly 20 organizations a week. And this threat is just the latest in a series of attacks directed at the healthcare system since the onset of the pandemic.
One example is the University of Vermont Health Network in October of 2020, which fell victim to a nationwide cyberattack targeting patient records across the health network. While patient care was not impacted, losses are expected to exceed $63 million from postponed services and expenses needed to recover from the attack.
An even bigger cyberattack hit Universal Health Systems in September, affecting 250 U.S. facilities of the hospital chain. Doctors and nurses were forced to rely on paper and pencils for record keeping. Employees described chaos due to mounting emergency room waits, phone outages, near-complete loss of communications and the failure of wireless vital-signs monitoring equipment.
Lasting impact
In the blurring moments of any cybercrime, we can see how implications result in delayed delivery of service to patients and sheer mayhem as healthcare professionals have no choice but to conduct their jobs without the technology they so desperately need. But long after the attack, organizations are left to undertake costly remediation efforts by paying the ransom or recovering compromised systems, undergoing a forensic investigation and purchasing or updating security systems for future protection. This is costing the healthcare industry millions of dollars—a total of $7.13 million to date—more than any other industry.2
On top of all that, healthcare organizations have had to make drastic network changes in order to provide safe, contactless clinical care amidst the ongoing global pandemic. Remote work environments were created seemingly overnight, and telehealth has become standard. Both of these changes have put an added security risk on hospital environments and the threat of increased ransomware attacks has IT departments scrambling.
How to mitigate risks
With global spending on cybersecurity products and services estimated to grow to $170.4 billion in 20223, cybersecurity has arguably become one of the most important initiatives for all industries, but especially healthcare. When everything is connected, everything becomes vulnerable. To successfully defend against human-operated attacks, it is critical for hospitals and the public health sector to adopt new best practices and build robust information technology networks that are properly secured and defended against cyberattacks.
For healthcare organizations that are faced with compliance requirements around sensitive data, one crucial step to take is to create a clear picture of what your compliance strategy is today and where it needs to be tomorrow. The Windstream Enterprise Professional Services team offers deep knowledge in security to evaluate your network, pinpoint vulnerabilities and threats and provide security management as a service before you fall victim to an attack. Whether you are in the current process or have already undergone recent IT changes to enable your facilities to function in remote environments, now is an especially good time to review your strategy.
Our security experts have experience across multiple sizes and types of healthcare organizations and can help build your defense against such attacks. Advice from outside your organization can accelerate your cybersecurity defense and help uncover any vulnerabilities in your organization’s network.
1. “Global Surges in Ransomware Attacks.” Check Point Software Technologies, 2020. Accessed 12 Jan 2021.2. “Cost of a Data Breach Report highlights.” IBM, 2020. Accessed 12 Jan 2021.
3. Morgan. Steve. “Global Cybersecurity Spending Predicted To Exceed $1 Trillion From 2017-2021.” Cybercrime Magazine, Jun. 10, 2019. Accessed 12 Jan 2021.
