How is the Healthcare Industry Affected by Ransomware.

1
StoneFly Technical Support 510-265-1616
My Account ? 0 Items
Blog Partners
Products ? Solutions ? Company ? Resources ?
Downloads ?
Contact Us ? Shop ?
How is Ransomware Affecting the Healthcare
Industry
Search
Search
Recent Posts
Recent
Popular
In a recent survey of healthcare organizations
titled The State of Ransomware in Healthcare
2022, researchers found that there was a 94
increase in ransomware attacks on organizations
in the health sector. In 2021 alone, 66 of
healthcare organizations were hit by ransomware.
In comparison, 34 were hit in 2020. Another
survey reveals that 42 of healthcare
organizations faced multiple ransomware attacks
in the previous year. These surveys clearly
depict the scope of the problem for the
healthcare sector. It reveals the inherent
weaknesses in the systems that attackers use to
their advantage. This makes it all the more
necessary for the healthcare sector to prepare
beforehand and protect sensitive information and
systems using automated backup and disaster
recovery (DR). This blog will discuss the impact
of ransomware on healthcare institutions and how
healthcare organizations can protect themselves
against the menace of ransomware. Why is
Healthcare Industry Being Targeted? To provide
effective healthcare services, hospitals,
clinics, and healthcare service providers need to
store and retain patient information, and
medical records. Since this confidential data is
highly sought after in the black market, it
makes healthcare service providers the prime
targets of hackers. The medical data sells for a
large sum on the dark web. Moreover,
cybercriminals are keenly aware of the fact that
the healthcare service industry spends the
majority of their budget on services leaving very
little for data protection. The lack of budget
makes it challenging for IT administrators to
set up effective data security and ransomware
protection making the healthcare sector a
relatively easier target. Furthermore, the
majority of healthcare sector staff need access
to critical systems and information to provide
healthcare services. This increases the number of
endpoints that hackers can exploit to gain
access to primary networks. Additionally, due to
the nature of services, healthcare staff are
often rushed for time. This makes them more
susceptible to socially-engineered threats such
as phishing which contributes to a majority of
successful ransomware attacks. Briefly, heres
why cybercriminals target the healthcare
sector Healthcare service providers store
protected health information (PHI), and financial
information. PHI, PII, and payment information
is easy money on the dark web. Healthcare
service providers have limited budget, most of
which is focused on healthcare. As a result,
data protection is inadequate which makes the
medical record storage and archiving
infrastructure
On-Premise vs Private Cloud Choosing the
Right Infrastructure for Your Business Needs
Enterprise Cybersecurity Solutions Best
Practices and Strategies for Data Protection
Upgrade 3-2-1 Rule with Veeam ONE
v12s Immutability and Monitoring
2022 Ransomware Attack Trend Report Key
Findings
What to Consider when Implementing
2
an easier target. Since resources are limited,
healthcare staff are susceptible to human error
and prone to socially- engineered attacks which
takes advantage of the fast-paced nature of their
operations. Recent Ransomware Attacks on the
Healthcare sector A few major ransomware
incidents stand out in their severity, scope and
complexity. These episodes can provide valuable
insights into how ransomware is evolving and how
the modern cybercrime landscape is
changing. Conti Ransomware Attack on Irelands
HSE via Phishing Email In 2021, HSE was targeted
by hackers who accessed high-level accounts and
used them to exfiltrate vast amounts of
sensitive data. 80 of the HSE IT environment was
encrypted, private information of thousands of
individuals was exposed, and diagnostics and
medical records remained inaccessible. The staff
reverted to pen and paper, and all the Irish
government could do was monitor the dark web for
published data. HSE had to bear high financial
costs and lawsuits from patients for interrupted
services. Ransomware Attack on Yuma Regional
Medical Center YRMC was attacked in April 2022
and resulted in data exposure of thousands of
individuals. After the ransomware deployment,
the hospital was forced to initiate downtime
procedures. On investigation, it
DRaaS for ransomware protection
was revealed that the attacker had access to the
network for four days before ransosmt wareth
deployment without being detected. The attacker
maintained network access from 21 to 25 April
and removed files that contained SSN, patient
names, medical information and information on
health insurance. Quantum Ransomware Affects 657
Healthcare Orgs PFC (Professional Finance
Company) was attacked in Feb 2022, leading to a
data breach of over 657 healthcare
organizations. The Conti group used cobalt strike
to move laterally inside their network via CLI
tools and exfiltrated data that included first
and last names, addresses, accounts receivable
balance and information regarding payments made
to accounts. According to Advanced Intel, Conti
seemed to have joined the Quantum ransomware
group. This is now becoming a common modus
operandi of many high-profile cybercrime
syndicates. Other notable ransomware attacks on
healthcare Highmark Health, WellDyneRx, Others
Report Healthcare Data Breaches Missouri
Hospital System Data Breach Data of 198K Patients
of Florida Provider Accessed in an Email Hack
Kaiser Foundation Health Plan Email Hack Impacts
70K McCoy Vision Center Added to Eye Care Leaders
Breach tally MCG Health Reports Theft of
Patient, and Member Data What is the Impact of
Ransomware on Healthcare Organizations? According
to research by Ponemon institute that focused on
the effects of ransomware on healthcare
organizations, 70 of the affected were infected
by long-term infection that resulted in prolonged
periods without service delivery, thus
effectively crippling their health delivery
systems. Around 65 of healthcare organizations
had to transfer their patients to other
facilities at exorbitant costs to keep providing
healthcare. Around 71 of the affected
experienced medical procedures and test delays,
while 36 experienced complications. According
to a study by Sophos Healthcare organizations
had the second-highest average ransomware
recovery costs with 1.85 million, taking one
week on average to recover from an attack. 67 of
healthcare organizations are of the view that
cyberattacks are getting more complex and more
organized. Among those organizations that were
affected and paid the ransom, only 2 got all
their data back. 61 of attacks were successful
in encrypting their victims data. However, 99
of healthcare institutions affected got at least
some of their data back after encryption. But
that is not to say that organizations expect that
they will be immune from ransomware in the future
since nearly 41 of those who didnt experience a
ransomware infection fully expect that they are
likely to have a ransomware attack in the
future. What are Some of the Key Challenges
Confronting the Healthcare Industry? Healthcare
organizations are now facing highly sophisticated
RansomOps. These are highly targeted and complex
ransomware operations in which attackers attempt
to gain access to the network, infiltrate
devices, breach data by gaining access to
high-level accounts, exfiltrate highly sensitive
data,
3
and encrypt maximum data. The operations are
controlled by command and control centers of
malicious actors and are highly persistent. These
operations allow threat actors to have maximum
effect and incentivize them to make multi-million
dollar demands. The second biggest issue is that
the health sector is a highly targeted industry
for ransomware deployment since attackers are
fully aware of the healthcare sectors
intricacies and use it to gain maximum
leverage. Finally, healthcare organizations
struggle with data security since they dont have
the resources to keep themselves up to date with
the latest security measures. How can Healthcare
Organizations Prepare Against Ransomware? Ransomw
are remains prevalent, and there isnt any sector
that is immune from ransomware. However,
healthcare organizations, in particular, need to
digest the fact that they belong to an industry
which is the most lucrative for cybercriminals
and assume they, at one point or the other, will
be hit by ransomware. The next step is to always
be prepared and adopt a proactive approach for
defenses against ransomware rather than looking
for a way out after a successful infiltration.
This can only be done effectively by setting up
automated backup and disaster recovery. It also
needs to be understood that the whole RansomOp
needs to be neutralized. Blocking further access
to ransomware is one thing, but it does not
isolate your networks and does not prevent threat
actors from continuing to maintain network
access. In other words, a backup and DR solution
that doesnt include isolation (air-gap), and
immutability isnt an effective measure against
ransomware. In fact, it may as well be as
vulnerable as a production infrastructure without
backup and DR. RansomOps can go undetected for
weeks and even months from initial ingress,
moving laterally and establishing control.
Organizations need to deploy solutions that
include prevention, protection and
remediation. Preventive measures include
multi-factor authentication (MFA), firewall,
air-gapping, 3-2-1 backup strategy, among
others. Protection and remediation measures
include backup and disaster recovery, granular
file-level recovery, direct VM spin up, 1-click
restore to cloud, and more. StoneFly remains
undefeated in deploying solutions that neutralize
the ransomware and minimize the chances of
infection in the first place. How Should
Healthcare Organizations Choose an Appropriate
Data Protection Solution? Modern data protection
solutions come in various options, including
on-premise systems, private cloud solutions and
fully or partially hosted solutions. The most
appropriate solution is often a blend of all the
approaches based on what applications and data
need to be secured. Regardless of what option you
go with the service provider must
have Automated air gapped backups isolated from
production. Immutable policy-based storage for
backups, medical records, patient information,
and financial details. AES 256-bit encrypted
storage for data stored on-premises and in the
cloud. Ability to quickly scale compute,
storage, and archiving resources when necessary.
Guarantee RTPOs that meet the organizations
guidelines. How are StoneFly Solutions Aiding
the Healthcare Sector? From turnkey backup and
disaster recovery solutions, to storage
appliances and cloud archiving, StoneFly offers
an array of purpose-built solutions for the
healthcare sector. These include StoneFly
DR365V Turnkey Veeam-ready backup and DR
appliance with automated air-gapping using
built-in network and power management controller,
and policy-based immutability, file lockdown, and
S3 object lockdown for advanced ransomware
protection. Available in 4, 8, 12, 16, 24, and
36-bay appliances, DR365V offers terabytes to
petabytes of storage capacity per chassis. This
storage capacity can further be increased in
three ways scaling up by adding storage
expansion units, scaling out by adding more
DR365V nodes, or leveraging built-in cloud
connect for cloud storage, and archiving. Moreover
, DR365V is also a secondary DR site which IT
admins can use to replicate critical VMs,
databases, and spin up applications and workloads
in the event the primary production isnt
available.
4
StoneFly DR365VIVA Automated air-gapped nodes
with built-in network and power management
controller, and policy-based immutability that
can be added to existing production, and backup
and DR systems for effective ransomware
protection. Veeam Cloud Connect Complete backup,
replication, restore package with Veeam Cloud
Connect, built-in management server, Azure
cloud storage with integrated air-gap,
immutability, encryption, and more. Backup and
Disaster Recovery as a Service (BDRaaS) Fully
managed and hosted backup and DR solution with
full/partial offsite recovery, and optional
management services. With StoneFly BDRaaS,
healthcare service providers can get experts to
manage their ransomware protection for them,
with minimum time and resource investments. In
the event of a ransomware attack, StoneFly
customers can easily restore functions by
leveraging instant recovery through quick
failover to offsite cloud repositories and
failback in case of a ransomware attack and
decrease your RTPOs. Conclusion To provide
healthcare services, service providers store and
archive protection health information, patient
data, and medical records. This sensitive data
puts them on the radar of cybercriminals. Since
healthcare sector focuses budget and resources on
their services rather than IT systems, it makes
them an easier target and more vulnerable to
sophisticated ransomware attacks. A compromise of
production leads to disruption which in turn
puts lives in danger. As a result, effective
ransomware protection is necessary. And
ransomware protection, due to the complex nature
of malware and cyberattacks, is incomplete and
inadequate without automated air-gapping, and
immutability. Need help protecting your patient
data and medical record storage and archives?
Contact StoneFly experts to discuss your IT
systems and projects today.
You May Also Like
5
(No Transcript)
6
GET IN TOUCH WITH US Contact Name Company
ABOUT STONEFLY Founded in 1996 and headquartered
in Castro Valley StoneFly, Inc. was
established with the vision to simplify, optimize
and deliver high performance budget-friendly
data center solutions for SMBs, SMEs, and large
enterprises. Beginning with its registration of
the iSCSI.com Internet domain name in March 1996,
StoneFly has made iSCSI into a standard which is
now used by IT professionals around the world.
With over 24 years of innovation in data storage,
hyperconverged infrastructure (HCI), and backup
and disaster recovery (DR) industries and
technology partnerships with market leaders like
VMware, Veeam, Microsoft Azure, and AWS cloud,
StoneFlys range of ever-growing data management
products continue to grow and include physical,
virtual, and cloud solutions such as NAS, SAN,
S3, uni ed NAS SAN S3 appliances, storage
gateways, backup gateways, complete backup and
DR systems, RAID systems, IP video surveillance
storage systems, data migration software and
more powered by StoneFlys patented 8th
generation storage virtualization software
StoneFusion and integrated with enterprise
features and data services.
Phone (extensions can be entered in the
"Message" eld) Email Address Message
Learn More
All elds with an asterisk are required.
Send
? ? ? ?
2022 StoneFly All Rights Reserved