Don’t Be the Next Target: Essential Tips for Healthcare Businesses to Avoid Ransomware Attacks
By: Mack Jackson Jr
Ransomware attacks are a real threat to healthcare businesses, with hospitals being one of the primary targets. Such attacks can have devastating effects not just on the hospital’s operations but also on patients’ lives, which may be at risk if their vital data is held hostage.
However, healthcare businesses are not the only organizations susceptible to ransomware assaults. Any organization that stores sensitive data is at risk. But the healthcare industry has much more to lose since patient care and safety could be at stake. Thus, healthcare institutions must be proactive in safeguarding their data.
In February 2023, Tallahassee Memorial Healthcare, a hospital in Florida, was forced to take its IT systems offline after experiencing a potential cyberattack. As a result, the hospital had to postpone several procedures and divert some patients to other facilities. The hospital stated that it had not yet determined the source or extent of the attack but had taken precautionary measures to protect patient data. The hospital’s phone systems and the emergency room remained operational, and patient care continued despite the incident. But this is a good reminder of how cyberattacks could affect healthcare systems and how important it is to take precautions to protect patient data.
Cybersecurity Incidents in the Healthcare Industry
The University of Michigan Health System was the target of a cyberattack that took down many systems, including those used for patient care, scheduling, and billing. The hospital has stated that it is still investigating the incident and has reported it to law enforcement agencies. Despite the disruption, the hospital has assured patients that their data remains secure. However, this incident highlights the vulnerability of healthcare systems to cyber threats and the pressing need for robust cybersecurity measures to protect sensitive patient data. As healthcare organizations increasingly rely on technology to manage patient care, it is imperative to prioritize the security of their systems and implement preventative measures to avoid similar incidents in the future.
Banner Health, a healthcare provider in Arizona, has agreed to pay $1.25 million to settle a federal investigation into a 2016 data breach. The breach affected over 2 million patients and involved cyber attackers gaining access to patients’ names, birth dates, addresses, and Social Security numbers. Banner Health reportedly failed to implement appropriate safeguards to protect patients’ data, resulting in the breach. The settlement includes a corrective action plan requiring Banner Health to implement comprehensive security measures and undergo monitoring by the U.S. Department of Health and Human Services for three years. This incident serves as a reminder of the potential financial and reputational costs of failing to adequately safeguard patient data and the importance of investing in robust cybersecurity measures to prevent breaches.
What do ransomware attackers target in healthcare institutions?
Electronic medical records (EMRs) are prime targets for cyber attackers due to their wealth of sensitive patient information, including medical history, prescriptions, test results, and other confidential data. EMRs are frequently connected to the internet, allowing authorized personnel to access and update patient data remotely. This connectivity, however, also makes them vulnerable to cyberattacks such as ransomware. If attackers successfully encrypt EMRs, they can demand a ransom in exchange for the decryption key, often leaving hospitals with no choice but to pay to restore access to critical patient data. The consequences of an attack on EMRs can be severe, not only for patient care but also for hospitals’ finances and reputation.
In addition to electronic medical records, hospitals’ financial systems are prime targets for ransomware attackers. These systems contain critical financial information such as billing and payment records, insurance information, and other sensitive data that attackers can exploit for profit. Because these financial systems are frequently connected to the internet to facilitate payments and other transactions, they are vulnerable to attacks from malicious actors seeking unauthorized access. The potential consequences of a successful cyber attack on a hospital’s financial systems can be severe, including loss of revenue, reputational damage, and disruption to patient care.
Hospitals and other healthcare institutions rely heavily on email systems for communication internally among staff and externally with patients, other healthcare providers, and partners. An attack on these email systems can significantly disrupt hospital operations and patient care. Cyber attackers may encrypt email systems and demand a ransom for the decryption key, making it impossible for hospital staff to access critical messages and patient data. In addition to the direct impact on patient care, a disruption of email services can also hinder administrative functions such as scheduling appointments and processing payments. As such, healthcare organizations must ensure that their email systems are secure and protected against cyber threats by implementing robust cybersecurity measures and training personnel on best practices to prevent attacks.
Critical Security Measures for Healthcare Institutions
Here are some steps healthcare businesses can take to prevent and mitigate ransomware attacks:
- Upgrade outdated computer systems: Healthcare institutions should update their legacy systems to the latest software to reduce the risk of vulnerabilities.
- Implement HIPAA cybersecurity standards: Adhering to the Health Insurance Portability and Accountability Act standards can help prevent security breaches and safeguard patient data.
- Develop an insider threat policy: An insider threat policy can help identify and mitigate the risk of insider attacks on the hospital’s systems.
- Review third-party devices connected to their network: Healthcare organizations should review all third-party devices connected to their network, as these can create potential entry points for attackers.
Precautions to Protect Against Ransomware Attacks
There are a few precautions healthcare institutions can take to guard against ransomware assaults:
- Backup and store data offline: Healthcare businesses should ensure their data is regularly backed up and stored offline. This way, even if the files are encrypted, they can still access unencrypted versions.
- Educate the workforce: Our best defense against a cyberattack is the education of our workforce. Healthcare institutions should provide cybersecurity training to their personnel to help them identify incidents, mitigate them, and respond appropriately.
- Use ransomware security software: Healthcare businesses should evaluate their security posture with such tools. This step can help identify and prevent ransomware attacks and recover data.
In recent weeks, healthcare organizations across the United States have been targeted by cybercriminals, resulting in data breaches and system shutdowns. Tallahassee Memorial Healthcare in Florida and the University of Michigan Health System suffered cyberattacks that forced them to take their IT systems offline. Meanwhile, Banner Health in Arizona agreed to pay $1.25 million to settle a federal investigation into a data breach that affected over 2 million patients in 2016. These incidents highlight the critical importance of investing in robust cybersecurity measures to protect patient data and the potential financial and reputational costs of failing to do so. Healthcare businesses must proactively protect their data and systems from cyber threats to ensure continuity of care and protect patients’ sensitive information. By following critical security measures and taking necessary precautions, healthcare organizations can stay one step ahead of attackers and ensure that patient data and safety are safeguarded.
About the Author — Mack Jackson Jr
Mack Jackson Jr. is the CEO of Vanderson Cyber Group. In the age of global cyber threats, Vanderson Cyber Group helps businesses protect themselves from cyberattacks by teaching them cybersecurity awareness. Vanderson Cyber Group uses state-of-the-art practices in security policy development and comprehensive employee training. One of the essential services is phishing simulation and compliance training, which keep employees up-to-date on the threat landscape. Vanderson Cyber Group also provides resources for cyber insurance, managed services, and legal representation. For more information: http://www.vandersoncybergroup.com