Cybercriminals are targeting patient records - is your data vulnerable?

Ransomware has been around for decades but is increasingly becoming more aggressive and frequent. Cybercriminals are getting smarter and more targeted with their attacks. Only recently we saw an outbreak of WannaCry that left a trail of destruction in its wake - particularly for hospitals and healthcare providers.

How does it work? The malware will lock your computer to prevent you from accessing data until you pay a ransom - usually demanding around US$300 worth of bitcoins which typically increases over time. The victim is then given a seven-day limit before the affected files are deleted.

Hospitals in the UK were the first and hardest hit by WannaCry, with up to 16 reporting their IT systems were affected. Hospitals are particularly vulnerable because they rely on up-to-date information from patient records - which means that the industry is more likely to pay a ransom rather than risk delays.

Hospitals can also be subject to attack because some legacy applications such as patient or pharmacy systems will be running on old versions of Windows OS like XP. If the application is dependent on an old OS, the threat vulnerability becomes difficult to patch. This makes the need for recovery solutions even more important in these cases.

No IT security system is 100 percent safe. As these ongoing ransomware attacks continue to prove, having good IT security is only half the story. It’s how fast you recover from these attacks that count. If it takes several days to find data or in this case patient records, the impact on both hospitals and patients can be devastating.

Hospitals can also make for bigger targets, because the more complex the IT and business environment, the more spread out the platforms on which IT systems sit, the more staff members, the more ways cybercriminals can find to infiltrate the business.

The best strategy is to implement a security solution and use a disaster recovery (DR) solution with ‘Point-In-Time’ recovery that can wind back and access data right up until the time of the security breach.

Minimising the damage

Security strategies and products that provide protection against ransomware are vital. Working with IT security vendors to ensure the right solutions and systems are in place should be the first point of call.

Most importantly, hospitals need to know how to minimise the damage when they do get hit, making sure they can be back up and running as soon as possible. A comprehensive approach, particularly in the fight against ransomware, involves considering IT security as a three-legged stool; the detection of attacks, prevention of intrusion, and fast recovery of critical data and applications to ensure uninterrupted business operations.

This combination ensures hospitals are prepared and not just three steps ahead of malicious intent, but building IT resilience that allows the business to thrive in the face of attack.

Conduct a regular risk assessment

To protect ourselves against ransomware, we have to understand what’s needed to shield IT from the initial infection and how to recover as quickly as possible. Part of a well-rounded IT and security investment strategy involves identifying on a regular basis the key applications and data that is at risk and making sure they are protected.

The IT landscape is more dynamic and unpredictable than ever before. To keep pace, a disaster recovery plan must be easily implemented, and regularly tested with consistent success in order to prove its worth. The DR infrastructure must also be able to accommodate any changes in the IT environment over time, to protect against new holes and vulnerabilities created by IT updates.

The question is no longer if we are going to get hit, it’s when. And how well are you equipped to handle it? Paying a ransom to retrieve your data should never be the answer, and there is no guarantee that an encryption key will be provided.

With so many tools and solutions available, there is no excuse for not protecting your data. So how prepared is your hospital to cope with the next attack?

Image credit: ©stock.adobe.com/au/Lasha Kilasonia