Healthcare organizations are increasingly under threat from ransomware attacks. Around the world, cybercriminals are locking up critical patient data and demanding large sums to release the information. This is because these organizations handle huge amounts of sensitive patient data – including personal information, medical records and financial details.
Between 2021 and 2022, the number of ransomware attacks on U.S. healthcare organizations nearly doubled, with more than two-thirds of them reporting they had suffered a ransomware attack, according to a recent report from cybersecurity company Sophos.
“These attacks can quickly disrupt essential health services. If patient data and medical records are inaccessible due to compromised systems, healthcare professionals will struggle to provide timely and accurate care. Delays in treatment, mistaken diagnoses and medication errors can seriously compromise the patient's health”, says Caio Sposito, country manager Brazil at Arcserve.

It is understandable that many providers pay the ransom rather than risk the lives of their patients, as this is the quickest way to restore access to operating systems and records. “When a hospital is attacked, the debate is not about the ethics of giving in to criminals; it’s about life and death”, emphasizes Caio Sposito, adding that paying a ransom does not guarantee complete data recovery nor does it provide protection against future attacks.
The recipe for increasing the resilience of healthcare organizations against cybercriminals includes three basic measures. The first is to develop a comprehensive and well-documented data resilience plan, outlining strategies, policies and procedures to protect against attacks. This plan contains preventive measures, incident response protocols, backup and data recovery processes, as well as continuous monitoring and improvement strategies.
Another important action is to reinforce data security with a robust defense strategy that includes immutable storage. This approach, known as 3-2-1-1, consists of three backup copies of data on two distinct media types (disk and tape), with one of the copies stored offsite. The final 1 in this formula is immutable object storage, in which snapshots of the information are taken every 90 seconds, protecting data against possible loss and enabling a rapid return to normality after a successful attack.
Educating and training employees is the third measure, and no less important than the others, as the weakest link in security is usually the user. This is why healthcare organizations must conduct regular cybersecurity awareness training programs for all staff members. These programs should emphasize the risks associated with ransomware attacks and provide guidelines on best practices. The organization must train employees to identify phishing emails, suspicious links, and other potential sources of malware to prevent infections and attacks.
“By aligning their data resilience strategies with specific objectives, healthcare organizations can minimize their exposure to ransomware attacks and avoid the risk of making ransom payments a routine. They can protect their critical data and maintain the highest security standards for their patients as well”, summarizes Caio Sposito.













