CONDITION CRITICAL: HOW RANSOMWARE GANGS ARE TARGETING HEALTHCARE AND HOW TO FIGHT BACK
The past two years have been brutal for businesses across industries and countries, as ransomware gangs hijack their sensitive assets and demand ransom in exchange for their safe return. Few have been abused as badly as the healthcare sector. As doctors and nurses work around the clock on the frontlines of a raging pandemic, they risk having their access to critical records blocked at any moment. This is no longer about the inconvenience of downed systems. It’s a matter of life and death, as attacks threaten patient care.
In four recent examples:
• The network of Central Indiana Orthopedics was knocked offline after being hit with ransomware. The Grief ransomware hacking group claimed responsibility and leaked some of the stolen data.
• Approximately 350,000 patients were notified that their data was potentially accessed or acquired during a ransomware attack on ReproSource Fertility Diagnostics, a clinical laboratory for fertility specialists and a subsidiary of Quest Diagnostics.
• The Lockbit ransomware gang threatened to leak data they claimed to have stolen from Washington-based nonprofit Merit Resource Service.
• The Groove attack gang threatened to publish data they claimed to have stolen from Tri Valley Primary Care in Pennsylvania.
The threat of ransomware has grown so acute that in October 2021, the Department of Health and Human Services Cybersecurity Coordination Center released an alert warning that healthcare delivery organizations are a key target of ransomware attacks, often due to its heavy reliance on outdated and legacy technologies, as well as limited security resources.
The alert reaffirmed previous Forescout data showing that on average, healthcare delivery organizations have 20,000 devices on the network at any time, and 32% of those devices operate on unsupported Windows versions. Another 0.4% of devices operate on even older platforms like XP.
In this whitepaper, we explore the reasons why healthcare organizations are so vulnerable to ransomware attacks and what security practitioners and other experts recommend doing to mount a more ironclad defense.
