The increasing digitization of medical data has meant more streamlined processes for patients and healthcare providers; but the transformation has also been an opportunity for malicious cyber attackers to take advantage of holes in security with ransomware. Though credit card information was once the prized possession of cybercriminals, it now takes a back seat to healthcare data, which is more valuable on the black market for its highly personal nature.
Healthcare Data is a Prime Target
While companies in other sectors were slow to digitize data and prioritize its protection, healthcare organizations went digital faster. The change has made medical data access and management far easier in many respects. But the process has also made healthcare systems prime targets for cyber attacks— particularly ransomware.
The combination of data security not being built into the processes and the historical tendency of healthcare organizations to underinvest in digital security mean that this highly sensitive information is both easier to seize and worth more than other types of data.
Hospitals on High Alert for Ransomware
A slew of attacks on major healthcare organizations has put many in the medical field on high alert. In February, The Washington Post reported that Hollywood Presbyterian Medical Center was victim to a ransomware attack that halted hospital staff’s access to their computer systems and various electronic communications. The hospital had to pay the equivalent of $17,000 in Bitcoin ransom to regain access to the seized systems and restore operations. An attack on Methodist Hospital in Henderson, KY and another at Ottawa Hospital unfortunately indicate that these are not isolated incidents but part of a growing ransomware trend.
A report on the future of ransomware from the Institute for Critical Infrastructure Technology (ICIT) states that 2016 will see a huge uptick in ransomware attacks, because they are highly profitable and poorly guarded against. Healthcare organizations, which were previously considered off-limits because of the potential for human harm, have become victims of these attacks precisely because of the danger to humans that motivate organizations to pay the demanded ransoms.
Solutions Built For Healthcare Security
The introduction of advanced security systems will be critical to healthcare organizations seeking to protect patient data and safety. Data backups and file shadow copies can be helpful but only go so far.
The ICIT report suggests that the most critical step is implementing a comprehensive cybersecurity strategy that includes advanced technology, employee training and protocols with guidelines for thwarting attacks and responding effectively to them. One of the most trusted cybersecurity firms in the healthcare space is our partner, Fortinet, which has developed a complete ecosystem of advanced technology solutions optimized for complex healthcare networks.