Blog
Recent
Security News

Ransomware Attacks in Healthcare: The Pandemic Effect 

Rose de FremeryJune 04, 2021
Ransomware attacks targeting the healthcare sector have spiked during the last year. According to the FBI, the Conti ransomware group executed at least 16 attacks on healthcare and first responder networks in the US alone, asking for as much as $25 million in ransom in some cases. This criminal organization has gone after more than 400 organizations worldwide, recently causing massive disruption to the Irish healthcare system just as it was conducting a vaccination campaign to protect the population from COVID-19. Here's a look at what's behind the rise in ransomware attacks on healthcare during the pandemic along with some tips from the FBI on how to protect your most sensitive data from a ransomware attack.

Ransomware attacks: a growing threat to healthcare institutions

Healthcare organizations and networks around the world have been at their most vulnerable during the pandemic, buckling and even failing under the massive strain of the unprecedented public health crisis. Cyber criminal groups like Conti, calculating that they would have a decisive upper hand at such a moment, launched ransomware attacks in search of a big payday. Sadly, healthcare organizations paid a dear price—both financially as well as in terms of their ability to provide care. When a ransomware attack hits, attackers typically encrypt data and hold it hostage until the victim pays a substantial ransom, often in bitcoin so the payment cannot easily be traced. Operations grind to a halt and the business takes a sharp hit to its bottom line while business leaders frantically weigh the pros and cons of how to proceed. When groups like Conti lay siege to healthcare organizations, however, patients' lives and well-being are also at stake. As PBS Newshour reports, a ransomware attack targeting 250 hospitals and clinics in September 2020 delayed emergency room care and forced staff to restore heart rate, blood pressure and oxygen level monitors with ethernet cabling. Unfortunately, healthcare institutions are at special risk of an attack—particularly now. For starters, bad actors are targeting them during the COVID-19 crisis because they know healthcare organizations are overtaxed, distracted, and likely to delay critical cybersecurity improvements until they can get their heads above water. They also dedicate a smaller portion of their budget to cybersecurity than their peers in other sectors. According to Healthcare Finance, just four to seven percent of a health system's IT budget centers on cybersecurity as opposed to 15% for companies in the finance sector. Healthcare institutions also record and store personal health information (PHI) that will always be worth a lucrative sum on the dark web.  All these factors indicate that even well after the crisis has ended, ransomware groups will continue to target healthcare organizations. Fortunately, your healthcare institution can increase its chances of successfully warding off an attack by taking proactive steps now.

The FBI's best practices for preventing a ransomware attack

These best practices from the FBI can help you prevent a ransomware attack and enhance your overall cybersecurity at the same time:
  • Regularly back up your data. If you have regularly backed up your most critical data, you will be in a better position should a ransomware attack strike. Test your data backups at regular intervals so you can be confident that they will perform as expected when you need them.
  • Password protect your data backups. Make sure to protect your data backups with a password. That way, if cyber attackers do gain access to your backups, they will have a harder time accessing the valuable data inside. 
  • Air gap your data backups. Air gapping, or keeping your data backups physically isolated from other resources on your network, will help keep them out of reach in the event that bad actors try to access them. Preserve your data backups offline so you will always have untouched copies of your most sensitive data available. 
  • Use strong passwords. If any of your passwords are weak or easy to guess, malicious actors may be able to gain unauthorized access to one or more of your online accounts and launch a ransomware attack on your organization. Accordingly, use strong passwords instead and regularly update them. Strong passwords have at least 16 characters and include a combination of capital letters, lowercase letters, numbers, and symbols.
  • Avoid reusing passwords. Reusing passwords could make you and your organization vulnerable to an attack if any of those passwords appear in a data breach. Case in point: 150,000 security cameras were hacked because of a single password. Take care to use a unique password for each of your accounts.
  • Use multifactor authentication (MFA) where possible. If you're worried about ransomware, turn on MFA. It gives you another layer of protection by requiring an additional "factor," or form of authentication, like a fingerprint or the use of a trusted device.

How LastPass can help protect your data from cyber attackers

You can also use LastPass to protect your data in the following ways: 
  • Securely store all your passwords. LastPass securely stores your passwords in an encrypted vault and allows you to access them from anywhere. You can even securely share passwords with specific colleagues if you wish.
  • Streamline employee access with single sign-on (SSO). When you give employees SSO, providing them with access to all the applications they need behind a single login window, they no longer have to keep track of each and every username and password they use throughout the workday.
  • Bolster cybersecurity with MFA. When someone tries to log in to a system using your credentials, you'll get a notification message with the option to either validate that login attempt or notify security that you've observed suspicious activity on your account. 
  • Take advantage of dark web monitoring. When your account credentials appear in a data breach, you'll want to know about it right away so you can reset the passwords on the affected accounts. Dark web monitoring proactively notifies you when this has happened so you can shut the door on a potential attack before it occurs.

Safeguard sensitive data from ransomware attacks

Cyber criminals like Conti are increasingly targeting healthcare institutions in search of a payday, disrupting critical patient care and even vaccination campaigns as the world tries to climb out of the global health crisis. Although this is a troubling trend, your healthcare organization can safeguard sensitive data by implementing strong data backups, using robust password hygiene, using MFA, and taking advantage of dark web monitoring. This way, your healthcare organization will be a far less tempting target and ransomware groups will be more likely to look elsewhere in search of more promising opportunities. Learn how LastPass multifactor authentication can better protect your organization.