A cyber attack on a hospital or healthcare group could jeopardize lives on any given day and the idea of a cyber attack on a care facility amidst a worldwide pandemic is especially unnerving.
Late last year, the US Cybersecurity and Infrastructure Agency, the FBI, the UK’s National Health Service issued a joint advisory stating that hospital and healthcare groups must remain on high-alert in regards to cyber attacks.
Recently, cyber attacks on global healthcare organizations have increased at more than double the rate of attacks on other sectors. Researchers witnessed a 45% increase in cyber attacks on healthcare groups as compared to a 22% increase in attacks on other industry verticals. Click To Tweet
In November, healthcare organizations suffered an average of 626 attacks per week, per organization. In the months prior, that average had peaked at 430. While organizations contended with numerous attack types, ransomware emerged as the top threat.
For hospitals and healthcare groups, the biggest ransomware threats have come from Ryuk and Sodinokibi (REvil). The use of Ryuk, for example, means that hackers can tightly target their attacks, hitting hospitals’ weakest points. As a result, the hackers have an increased probability of getting their ransom paid.
“This past year, a number of hospital networks across the globe were successfully hit with ransomware attacks, making cyber criminals hungry for more,” says Check Point’s manager of data intelligence, Omer Dembinsky.
Which hospital and healthcare groups are most at-risk?
By the numbers, Central Europe has seen the most stunning spike in cyber attacks on hospitals and healthcare groups amidst the pandemic. In one well-documented incident, an ambulance carrying a person in need of emergency care was turned away from the local hospital facility due to a cyber attack on systems. As a result, the individual perished en-route to a facility further afield.
Hospitals and healthcare groups should be sure to take as many precautions and prevention measures as possible in order to prevent crippling cyber attacks.
Practical steps that hospitals and healthcare groups can take
Intrusion Prevention Systems (IPS) that include virtual patching are strongly recommended. Monitoring networks for signs of trojan infections is key, as these often occur shortly ahead of ransomware attacks. IT admins may want to look for Trickbot, Emotet, Dridex and Cobalt Strike infections, as these infections are commonly tied to Ryuk ransomware.
Watching systems on weekends and holidays is also critical, as hackers know to exploit timeframes when fewer IT staffers are around. Anti-ransomware solutions and routine employee cyber security training can also help cut down on threats.
For information on how hospitals and healthcare organizations can protect their infrastructure, read this exclusive Cyber Talk solutions brief.