It’s no secret healthcare organizations are popular targets for cyber attacks.
2018 is barely underway and already we’ve seen one particular strain of ransomware called SamSam infect multiple hospitals and electronic health records provider Allscripts. These attacks are clear examples of just how damaging and disruptive attacks against healthcare organizations can be. They’re also painful reminders that, when it comes to securing health providers, the status quo isn’t working.
To put that into sharper perspective, here are three statistics that highlight how quickly malware is evolving and how healthcare organizations, specifically, need to evolve their defenses accordingly.
1) 45% of ransomware attacks in 2017 targeted healthcare organizations
Attackers notice when something is working. Unfortunately, numerous successful, high-profile attacks against healthcare providers have confirmed to them healthcare is in fact a vulnerable industry. In particular, the healthcare sector has become the top target for ransomware attacks by far. According to global cybersecurity insurance company Beazley, 45 percent of all ransomware attacks it studied in 2017 involved healthcare organizations. The next closest industries in terms of volume of ransomware attacks were financial services (12 percent) and professional services (12 percent).
One reason healthcare organizations are so highly targeted is that they are vulnerable, but another contributing factor may be willingness to pay ransom demands. Hancock Health, which was infected with SamSam in January, became the latest hospital to do just that when it determined that paying criminals $55,000 would be quicker and more cost-effective than attempting to restore its systems from backup.
While the attackers fortunately did decrypt Hancock Health’s files, other hospitals that have made the decision to pay have not been so lucky. For example, Kansas Heart Hospital made headlines in 2016 when the organization paid attackers an initial ransom, only to have the criminals refuse to decrypt its files and demand more money instead.
In any case, if healthcare providers find themselves backed into a corner and forced to make that decision, one thing that is clear is that their security has failed. And as many incidents have shown, the biggest costs associated with ransomware are tied to downtime and disruption — damages organizations have to absorb regardless of whether they choose to pay the ransom or not.
2) The cost of an average cyber attack now exceeds $5 million
According to the Ponemon Institute, each attack that gets past existing security solutions can cost victim organizations over $5 million, primarily in lost end-user productivity, system downtime, and theft of information assets.
In larger healthcare organizations, that number can increase rapidly. Last year, Erie County Medical Center in Buffalo, NY reported the total costs associated with just one ransomware attack added up to more than $10 million. Recovery work lasted longer than three months and involved wiping, restoring, and redistributing 6,000 computers.
Loss of access to patient records and other critical information can be crippling to any provider, as clearly evidenced by the recent attack on Allscripts that triggered a full week of downtime. Without access to electronic health records, thousands of Allscripts customers — physician practices located all over the United States — were forced to cancel appointments. Temporary closures and significant financial losses have even prompted a class action suit against Allscripts in response.
3) 7 out of 10 organizations don’t believe their antivirus can stop the threats they’re seeing
The high infection rates across the healthcare industry are a clear indication that the conventional security solutions currently in place are not working. In particular, today’s modern attacks have been deliberately designed to evade detection via file-scanning, which is the primary method that antivirus products rely on. According to the Ponemon Institute, 77 percent of the attacks that successfully compromised organizations in 2017 utilized fileless techniques that bypassed antivirus altogether.
As a result, faith in these traditional, bedrock security solutions has been in heavy decline. 69 percent of organizations say antivirus no longer provides them with adequate protection (Ponemon), and the vast majority (80 percent) are replacing or augmenting their existing solution as a result (Ponemon).
While the healthcare industry has traditionally been slower to adopt new security technologies, it’s clear that organizations in this space must take swift action to protect themselves in the face of quickly-evolving — and increasingly damaging — threats. Healthcare providers have new options available to them that can continuously monitor for and block today’s modern attacks. Investing in them can provide a valuable layer of protection and peace of mind, allowing healthcare organizations to focus on their primary objective: improving patient outcomes.
About Mike Duffy
Mike Duffy is the CEO of Barkly, the company advancing endpoint security by combining the strongest, smartest protection with the simplest management. Mike has a history of creating winning teams and valuable technology companies. Prior to founding Barkly, Mike led OpenPages to become the leading provider of GRC solutions for the enterprise, achieving record growth and a global market presence that resulted in the acquisition of OpenPages by IBM in 2010. Before OpenPages, he held the role of General Manager for Intel's wide area networking business, served as Senior Vice President of Worldwide Sales and Marketing at Shiva Corporation, and led sales and marketing for internet pioneer BBNPlanet. Mike has been the recipient of the Ernst and Young "Entrepreneur of the Year" award.
The views, opinions and positions expressed within these guest posts are those of the author alone and do not represent those of Becker's Hospital Review/Becker's Healthcare. The accuracy, completeness and validity of any statements made within this article are not guaranteed. We accept no liability for any errors, omissions or representations. The copyright of this content belongs to the author and any liability with regards to infringement of intellectual property rights remains with them.