Ransomware attacks are a serious and growing threat to the healthcare sector as organizations deploy more Internet of Medical Things devices. According to the Ponemon Institute, more than 20 percent of attacks during COVID-19 were rooted in IoMT devices.
During an April webinar hosted by Becker's Hospital Review and sponsored by Cynerio, Chad Holmes, product evangelist at Cynerio, discussed the ransomware environment and how hospitals can improve their security.
Five key takeaways:
1. Start talking about ransomware in healthcare. To secure budgets for IT security in healthcare, it's essential that key stakeholders understand the impact of ransomware. The risks aren't limited to the IT infrastructure; patients can suffer collateral damage. As Mr. Holmes explained, "Among healthcare organizations that experienced ransomware attacks during the pandemic, the Ponemon Institute found that 71 percent reported longer patient lengths of stay, a little over a third saw increased patient complications, and almost a quarter saw increased mortality rates."
2. Acknowledge and address shortfalls of in-place IT. Only a fraction of hospital IT budgets are spent on cybersecurity. As a result, most healthcare organizations have massive security vulnerabilities, which represent easy entry points for ransomware collectives. According to Mr. Holmes, "Every engagement we have, we see malware from the late 1990s and early 2000s on old machines. At the same time, IoMT devices and application programming interfaces are rarely protected in any significant way." To better improve a hospital's security posture, IoMT devices represent the highest-impact investment area.
3. Consider unique dynamics and supplement staff. Staffing is incredibly challenging in healthcare right now, and that goes for IT teams as well as clinical employees. Mr. Holmes recommended three ways that healthcare systems can supplement their IT teams. "For large efforts, look to managed service providers and managed security service providers for help. When it comes to specific technologies, push your vendors for technical account managers and customer success managers. For ongoing cybersecurity assistance, consider part-time, contract or remote resources."
4. Make security achievable. A best practice is for healthcare organizations to connect with peers to share experiences and stories. "Investigate emerging trends and effective responses. Be aware of industry alerts and attack patterns. It's a great idea to join groups like the Cyber Health Working Group. If you understand what your peers are seeing and doing, you can implement similar protections in your own environment," Mr. Holmes suggested. It's also advisable to role play and plan your response. Consider "hospital in a box" technology solutions that can be deployed quickly if an attack occurs.
5. Immediately identify and stop attacks. While it's important to have a triage and emergency response plan in place for cyberattacks, leading organizations are also adopting a "business as usual" model of IoT risk identification and mitigation.
Cynerio's attack detection and response technology can play a central role by proactively identifying attacks. "We find malware in 80 percent of our engagements and critical risks in 100 percent. The key is to start with critical IoT risk reduction, segment your networks and then roll out a longer-term care and recovery strategy for securing the broader environment," Mr. Holmes said.
The unfortunate truth is that it's all about financial motivation for ransomware attackers. "They are going after the lowest-hanging fruit, and in many cases, that's things like Internet of Things devices that are connected to patients and hospital systems," Mr. Holmes said.
To register for upcoming webinars, click here.