It’s estimated that attacks on healthcare providers in the U.S. have cost at least $160 million since the first reported ransomware attack in 2016—and that’s only factoring in breaches that impacted healthcare entities with 500 patients or more, so the true cost of these cyber attacks is likely even higher.
This isn’t a new problem. But with the recent surge in telemedicine adoption due to the COVID-19 pandemic as well as the general growth of digital healthcare tools, security should be at the top of your mind right now.
This guide will help you better understand exactly what the threats are to your patients’ data and, more importantly, what steps you can take today that will reduce your practice’s risk of a ransomware attack.
How has the pandemic increased the risk of cyberattacks in healthcare?
Of all the different types of cyberattacks, ransomware is by far the most dangerous for the healthcare industry as it locks users out of their own data collection systems and halts any activity that requires access to patient data and protected health information (PHI). This type of data breach can have devastating effects on medical institutions by taking healthcare systems, sensitive patient data, and medical devices hostage until healthcare providers pay a ransom to regain access.
Evidence suggests cyberattackers and ransomware gangs are taking advantage of the increased vulnerability of healthcare institutions caused by the strain of COVID-19 on their healthcare systems.
According to data from cybersecurity firm Bitdefender, the rate of cyberattacks on hospitals increased by 60% between February and March of 2020. Recorded Future, another cybersecurity company, looked at open source reporting numbers to verify that 26 healthcare providers were hit with ransomware attacks between January and May of 2020.
While it’s difficult to prove a direct link between the pandemic and the increased rate of cyberattacks, Recorded Future senior security architect Allan Liska believes “many of these attacks were initiated through coronavirus-themed phishing attacks.”
Liska also called out changes to medical staff and security support due to COVID-19 as a factor for the increasing risk, including employees transitioning to remote work and layoffs.
5 steps to protect your practice from ransomware attacks
The good news is that you aren’t helpless when it comes to protecting your practice against ransomware and cyberattacks. By following these next steps and best practices, you can limit your risk.
1. Keep users informed
According to some research, human error accounts for nearly one-third of all healthcare data breaches. For that reason, the very first step in shoring up your security is educating your software users—including patients, staff, doctors, nurses, therapists, and anyone else who has access to your medical systems.
This is not a “one training and you’re done” deal. You should hold repeated, regular sessions with users covering what can happen if your practice is the victim of a cyber attack. These training sessions should touch on what the most common cyberattacks look like and how to identify and avoid them, as well as go over basic security protocols such as password discipline that will help keep your system secure.
2. Ensure IT compliance
While it’s more difficult to keep patients informed than it is your own staff, you should still take steps to do so. Send out regular emails and reminders about good security practices as well as data breaches.
Maintaining HIPAA compliance, as well as following an IT security framework (such as NIST, HITRUST, or Critical Security Controls), will help ensure your systems are as secure as possible. Beyond that, an IT framework will also provide guidance around risk management and serve as a resource for further education should you need it.
3. Perform regular data backups
As we’ve already mentioned, ransomware attacks are the most devastating to healthcare systems because they make it impossible for users to access or recover stolen data. For that reason, it’s wise to ensure you’re regularly and consistently backing up your data.
Not only is this a wise strategy against ransomware, it’s also a good practice in case of other, less nefarious technical failures or threats to your data storage systems.
4. Assess your risk
The recent increase in coronavirus-related phishing attacks is a great reminder that cyber threats change over time. Attackers evolve and adapt to take any advantages they can, which means protecting yourself against these threats is an ongoing task as well.
That’s why you should be performing regular assessments of your vulnerability. Whether you rely on an in-house IT staff or consult with an outside firm, it’s a good idea to conduct these checks at least once a year (if not more).
5. Consider insurance
If all else fails, there are insurance policies designed to cover cybersecurity risks. At the very least, an insurance policy will provide peace of mind. At the very most, it could be the difference between surviving a cyber attack and being forced to close your practice.
Many of these insurance policies provide financial aid as well as access to security experts in the event of a breach at your practice. If your budget allows it, this is absolutely something worth considering.
How can technology help?
If you’re interested in making software investments to protect yourself from cyberattacks, you have options there too.
One solution is installing threat intelligence software to serve as a centralized monitoring system that will keep an eye out for potential threats and alert you when it has potentially found one. You could also look into endpoint security software to protect against malware or other threats if your practice relies on vulnerable devices such as laptops or tablets.
Another option to consider is artificial intelligence (AI). AI-enabled security tools can use machine learning and algorithms to identify unfamiliar patterns or suspicious activity tied to cyberattacks.
In fact, Gartner identified AI security as one of the Top 10 Strategic Technology Trends for 2020 (content available to Gartner clients), saying “[machine learning-based] security tools can be a powerful addition to your toolkit when aimed at a specific high-value use case such as security monitoring, malware detection or network anomaly detection.”