Hospitals and other healthcare organizations, while being completely consumed by coronavirus treatment and prevention, are having to defend against an increasing number of malware attacks aimed at capitalizing on their current vulnerabilities.
According to a CORVUS Insurance Security Report, the healthcare sector was already seeing an increase of ransomware attacks by 350% in Q4’19 over the previous year’s Q4. This was before malicious actors could use the pandemic and associated impacts as weaknesses to exploit. The Department of Homeland Security and others have since reported a major increase in COVID-19-specific fraud schemes and ransomware (HealthITSecurity.com). In fact, out of over 700 million spam messages blocked by Google weekly in mid-April, 240 million were COVID-19-related.
The effects of ransomware can be crippling to operations and very costly. Through February 2020, Comparitech reports that ransomware attacks targeted 1,446 clinics, hospitals, and other healthcare organizations since 2016 at a cost of $157 million. The total ransoms demanded were nearly $16.5 million with individual ransom amounts varying from $1,600 to $14 million per attack.
As the battle against ransomware rages on, healthcare IT teams are seeing their day-to-day security challenges grow. Networked assets, including administration systems, medical devices and equipment are traditionally difficult to secure and can be a gateway and/or catalyst to infecting systems across the organization due to one or more of the following challenges:
- They cannot support agent-based security monitoring
- Their network identity changes frequently as they move around a healthcare facility, especially wired devices
- They are needed 24/7 with small windows of downtime for risk assessment, patching or upgrades
- They can be overloaded by intrusive scanning technologies
- They use old operating systems that have not been upgraded or cannot support upgraded OS
Helping Healthcare Stay Focused on What Matters
Digital Defense understands the challenges healthcare institutions are currently facing, including resource and budgets constraints. We would like to help by conducting a external and internal network vulnerability assessment to rapidly identify weaknesses that could make healthcare organizations susceptible to a ransomware attack. Contact us today!
Because most healthcare IT teams have enough on their plates, assessment results have been designed to be easily read and expertly prioritized. Reports pinpoint the most exploited and exploitable vulnerabilities, and empower swift, focused remediation instead of presenting an exhaustive laundry list of unorganized issues to wade through. Empower your team to eliminate the most pressing weaknesses in your network so you can keep resources properly focused and operations running smoothly.