Ransomware attacks targeting the healthcare sector have spiked during the last year. According to the FBI, the Conti ransomware group executed at least 16 attacks on healthcare and first responder networks in the US alone, asking for as much as $25 million in ransom in some cases. This criminal organization has gone after more than 400 organizations worldwide, recently causing massive disruption to the Irish healthcare system just as it was conducting a vaccination campaign to protect the population from COVID-19. Here's a look at what's behind the rise in ransomware attacks on healthcare during the pandemic along with some tips from the FBI on how to protect your most sensitive data from a ransomware attack.
Ransomware attacks: a growing threat to healthcare institutions
Healthcare organizations and networks around the world have been at their most vulnerable during the pandemic, buckling and even failing under the massive strain of the unprecedented public health crisis. Cyber criminal groups like Conti, calculating that they would have a decisive upper hand at such a moment, launched ransomware attacks in search of a big payday. Sadly, healthcare organizations paid a dear price—both financially as well as in terms of their ability to provide care. When a ransomware attack hits, attackers typically encrypt data and hold it hostage until the victim pays a substantial ransom, often in bitcoin so the payment cannot easily be traced. Operations grind to a halt and the business takes a sharp hit to its bottom line while business leaders frantically weigh the pros and cons of how to proceed. When groups like Conti lay siege to healthcare organizations, however, patients' lives and well-being are also at stake. As PBS Newshour reports, a ransomware attack targeting 250 hospitals and clinics in September 2020 delayed emergency room care and forced staff to restore heart rate, blood pressure and oxygen level monitors with ethernet cabling. Unfortunately, healthcare institutions are at special risk of an attack—particularly now. For starters, bad actors are targeting them during the COVID-19 crisis because they know healthcare organizations are overtaxed, distracted, and likely to delay critical cybersecurity improvements until they can get their heads above water. They also dedicate a smaller portion of their budget to cybersecurity than their peers in other sectors. According to Healthcare Finance, just four to seven percent of a health system's IT budget centers on cybersecurity as opposed to 15% for companies in the finance sector. Healthcare institutions also record and store personal health information (PHI) that will always be worth a lucrative sum on the dark web. All these factors indicate that even well after the crisis has ended, ransomware groups will continue to target healthcare organizations. Fortunately, your healthcare institution can increase its chances of successfully warding off an attack by taking proactive steps now.The FBI's best practices for preventing a ransomware attack
These best practices from the FBI can help you prevent a ransomware attack and enhance your overall cybersecurity at the same time:- Regularly back up your data. If you have regularly backed up your most critical data, you will be in a better position should a ransomware attack strike. Test your data backups at regular intervals so you can be confident that they will perform as expected when you need them.
- Password protect your data backups. Make sure to protect your data backups with a password. That way, if cyber attackers do gain access to your backups, they will have a harder time accessing the valuable data inside.
- Air gap your data backups. Air gapping, or keeping your data backups physically isolated from other resources on your network, will help keep them out of reach in the event that bad actors try to access them. Preserve your data backups offline so you will always have untouched copies of your most sensitive data available.
- Use strong passwords. If any of your passwords are weak or easy to guess, malicious actors may be able to gain unauthorized access to one or more of your online accounts and launch a ransomware attack on your organization. Accordingly, use strong passwords instead and regularly update them. Strong passwords have at least 16 characters and include a combination of capital letters, lowercase letters, numbers, and symbols.
- Avoid reusing passwords. Reusing passwords could make you and your organization vulnerable to an attack if any of those passwords appear in a data breach. Case in point: 150,000 security cameras were hacked because of a single password. Take care to use a unique password for each of your accounts.
- Use multifactor authentication (MFA) where possible. If you're worried about ransomware, turn on MFA. It gives you another layer of protection by requiring an additional "factor," or form of authentication, like a fingerprint or the use of a trusted device.
How LastPass can help protect your data from cyber attackers
You can also use LastPass to protect your data in the following ways:- Securely store all your passwords. LastPass securely stores your passwords in an encrypted vault and allows you to access them from anywhere. You can even securely share passwords with specific colleagues if you wish.
- Streamline employee access with single sign-on (SSO). When you give employees SSO, providing them with access to all the applications they need behind a single login window, they no longer have to keep track of each and every username and password they use throughout the workday.
- Bolster cybersecurity with MFA. When someone tries to log in to a system using your credentials, you'll get a notification message with the option to either validate that login attempt or notify security that you've observed suspicious activity on your account.
- Take advantage of dark web monitoring. When your account credentials appear in a data breach, you'll want to know about it right away so you can reset the passwords on the affected accounts. Dark web monitoring proactively notifies you when this has happened so you can shut the door on a potential attack before it occurs.