Healthcare Under Fire: Ongoing Ransomware Attacks And The Price Of Recovery
By: Jim Stickley and Tina Davis
April 22, 2021
In its State of Ransomware report, Emsisoft discovered there were at least 560 ransomware attacks against healthcare systems. During the pandemic, these attacks on healthcare were done by those looking to exploit this difficult time and those who are the most vulnerable. Many of those with coronavirus desperately in need of a hospital care and the medical staff who care for them, had no choice but to suffer the effects of their healthcare system under attack. Aside from the life-threatening risk of encrypting system data, an added twist now includes hacker’s threatening to sell the data if the ransom isn’t paid.
Costly Ransomware Attacks
In one case out of many, the University of Vermont (UVM) Medical Center had 5,000 of their computers taken off-line and their data systems encrypted and made useless. Everything on the hospital’s IT network was locked, from medical testing and treatment to financial and insurance systems. UVM avoided contacting the hackers and instead called the FBI. Emsisoft reports the toll of this attack was 30 days downtime at a cost of $1.5 million per day in lost revenue. In yet another attack, the University of California, San Francisco, agreed to pay more than $1 million to their attackers to return their data and get back to business as usual with minimal damage and downtime.
The FBI firmly believes the only answer to a ransom demand is not to pay it, as they find doing so only encourages further attacks. With that in mind, organizations of all kinds need to prepare for ransomware attacks. The plan should include getting data quickly replaced and downtime kept to a minimum. Below are a few security tips that can help create a quick and effective response to ransomware attacks and keep an organization running without paying the ransom demand.
Ransomware Survival Tips
- Have data systems checked for vulnerabilities including prevention and detection of cyberattacks.
- Do regular data backups that are stored offline and check them to assure they work when needed.
- Keep all data systems updated, including with the latest software and security patches.
- Encrypt all data that’s at rest. If this is done, it becomes useless to the attackers.
- Have a plan in place to respond and mitigate ransomware attacks. It can keep financial damage and downtime to a minimum.
- Consider getting cyber insurance as an investment in an organization’s future. However, it should not serve as a replacement for data and other system security measures.