What healthcare organizations need to know about ransomware in 2018

Ransomware is one of the fastest growing and most significant IT security threats.

This past year was marked by global outbreaks like WannaCry and BadRabbit, but attacks on individual organizations also dominated the headlines, with healthcare providers bearing the brunt of unwanted attention.

While ransomware attacks pose a very real and present danger to all kinds of organizations, they are of particular concern to hospitals and other healthcare providers. That’s because the costs of having their systems encrypted and taken offline are compounded by potentially critical and life-threatening disruption to patient services and care.

Just last year, a 602-bed medical center lost $10 million as the result of a single ransomware attack that took down 6,000 computers for a period of more than six weeks. For much of that time, staff were forced to write patient notes and prescriptions by hand, conduct patient registration manually, and deliver lab results and other communications via messenger since email access was severely affected. At the end of the recovery period, representatives from the facility estimated that they had spent roughly $5 million on IT resources and materials and another $5 million on business losses and expenses including overtime pay.

Risk is on the rise
To better gauge the seriousness of the ransomware threat, our team at Barkly recently partnered with Cybersecurity Insiders and Crowd Research Partners to assess the state of ransomware. Our survey was designed to determine the risk of infection and IT professionals’ confidence in their current ransomware defenses.

The findings were concerning on both fronts. Four out of five of the IT professionals we polled considered ransomware an immediate threat. In addition, we learned that:

• A third of poll respondents had already been the victim of a ransomware attack.
• Of those, 75 percent had been hit by as many as five attacks in the last year alone.
• The remaining 25 percent had experienced six or more attacks.
• 80 percent of respondents think the worst is yet to come, believing that ransomware will become an even greater threat.

Despite the severity of the threat and general awareness of the problem, we also found that the level of preparedness is shockingly below the perceived level of risk.

Ransomware attacks can be devastating
The fallout from ransomware attacks can cripple an organization for an extended period of time and rack up substantial financial costs very quickly. The final numbers aren’t in, but total 2017 ransomware damages are expected to exceed $5 billion, a 15x increase over figures from only two years ago.

It’s important to note that figure excludes any ransom payments. For most organizations, the actual ransom is a fairly minor concern compared to the potential disruption of work and services. More than 75 percent of survey respondents said they would never even consider paying a ransom, while 40 percent focused on the fact that attacks caused both downtime and productivity loss. Attacks also drove half of the affected companies to shift their IT focus from strategic priorities to emergency mitigation, and 41 percent had to increase IT spending as a result.

Finally, there are the more qualitative damages to an organization’s reputation and brand. And, of course, the very serious legal and noncompliance issues that apply in cases involving healthcare organizations.

Confidence in traditional defenses is wavering
A majority of the cybersecurity professionals we surveyed indicate they are not confident in their current ransomware defense, which most commonly consists of traditional antivirus solutions and email and web gateways that new ransomware attacks are designed to evade. As a result, many organizations appear to be focusing on recovery and response, with a goal of limiting damage rather than preventing it.

Unfortunately, this “wait and react” approach to ransomware is untenable and costly — 72 percent of businesses infected with ransomware lost access to their infected systems for at least two days, and one-third lost access for five or more days. For healthcare providers — and in a hospital setting, especially — the damage and disruption caused by such a significant loss of access is unacceptable.

Healthcare providers need new solutions to fight ransomware
Ransomware isn’t going anywhere. In fact, the issue seems to be getting more prevalent and more urgent. The good news is that there are new endpoint solutions that allow healthcare providers to stop ransomware attacks before they cause any harm.

Solutions like we’re developing at Barkly help restore an organization’s confidence in its ability to prevent successful ransomware infections. As we move into 2018, IT and security leaders should fully explore their options for solutions that block these attacks before they have a chance to cause rampant damage and disruption that can take days, weeks, or even months to remedy.

About Mike Duffy:
Mike Duffy is the CEO of Barkly, the company advancing endpoint security by combining the strongest, smartest protection with the simplest management. Mike has a history of creating winning teams and valuable technology companies. Prior to founding Barkly, Mike led OpenPages to become the leading provider of GRC solutions for the enterprise, achieving a record growth and a global market presence that resulted in the acquisition of OpenPages by IBM in 2010. Before OpenPages, he held the role of General Manager for Intel's wide area networking business, Senior Vice President of Worldwide Sales and Marketing at Shiva Corporation, and led sales and marketing for internet pioneer, BBNPlanet. Mike has been the recipient of the Ernst and Young "Entrepreneur of the Year" award.

The views, opinions and positions expressed within these guest posts are those of the author alone and do not represent those of Becker's Hospital Review/Becker's Healthcare. The accuracy, completeness and validity of any statements made within this article are not guaranteed. We accept no liability for any errors, omissions or representations. The copyright of this content belongs to the author and any liability with regards to infringement of intellectual property rights remains with them.

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Top 40 Articles from the Past 6 Months