Home COVID-19 How Can Healthcare Organizations Protect Against Ransomware Attacks During COVID-19?
ransomware attacks

How Can Healthcare Organizations Protect Against Ransomware Attacks During COVID-19?

by Heidi Bullman

Editor’s Note: This article was originally published on GovDataDownload and discusses the impact of ransomware attacks on data access and patient care, especially amid the pandemic. To better understand the impact and how healthcare organizations can protect against these attacks, the GovDataDownload team sat down with NetApp’s Ray Deiotte, Chief Data Officer for Global Healthcare and Life Science. On this topic, Deiotte shared the importance of education and awareness in keeping health systems safe and unharmed from ransomware attacks.

The events of 2020 have tested every industry, but the healthcare industry is one where the risk is focused on the loss of life. While managing the influx of patients due to COVID-19 and ensuring the protection of employees, the industry has also grappled with managing IT systems and a network that requires secure access every second of every day. Yet another test that the healthcare industry is facing is the growing number of cyber incidents and ransomware attacks that are threatening to interrupt data access and patient care.

In fact, last month Universal Health Services (UHS), one of the largest healthcare providers in the U.S. serving millions of patients each year, fell victim to a ransomware attack, according to TechCrunch and over 40 hospitals and healthcare providers were impacted by ransomware attacks in the first half of 2020 alone, HealthITSecurity reported.

Shutting down systems, putting data at risk, and not having access to critical patient information during this time, is an added layer of complexity that the healthcare industry needs to be aware of and prepare for as the rise of ransomware attacks continue.

The GovDataDownload editors recently sat down with Ray Deiotte, Chief Data Officer for Global Healthcare and Life Science at NetApp to discuss the rise of ransomware and how healthcare systems can protect their most important assets.

Deiotte has been in a variety of industries from aerospace to healthcare and noted that two things have stayed consistent, regardless of industry: the need for data, and the need for people. With the focus on those two areas, agile security becomes a necessary and critical function to protect these assets. “What we’ve seen really in the past six months is the need to be exceptionally agile in IT and security deployments,” Deiotte said. “While the healthcare industry may have been slow to adopt in the past, telehealth and remote working environments require this industry to focus on data protection and security, because they have to in this new environment.”

While ransomware and other cyber-attacks are on the rise and will continue to take advantage of the post-pandemic environment, the healthcare industry is changing rapidly to better detect these threats, monitor for incidents, and shorten downtime.

“One area where we’ve seen a spike in activity is that bad actors are attacking back-up systems,” Deiotte pointed out. “Backing up systems in near real-time is critical from a ransomware perspective because the IT administrator wants to get back to the most recent state of known cleanliness. But now we are seeing patterns where bad actors are attacking and hosting for ransom the backups as well.”  This causes more complications.

To overcome these challenges in the healthcare industry, Deiotteprovided recommendations:

Education and Awareness: First and foremost, education is key to addressing this threat. While security tools will always be available, Deiotte pointed to the ongoing phishing, spear-phishing, and whaling attempts on employees, and said, “It really comes down to the people involved and educating them on how an attack can happen, and then giving them the training they need to recognize a malicious link or threat.” Users must understand the impact of credential sharing or link clicking. This is even more critical today, as many employees are working remotely.

Extending Security to the Edge:  As more employees work from home or at remote locations, there is more movement of data at the edge of the network than ever before. “Employees don’t have the same home security for their devices that is available within a corporate network,” Deiotte noted. This requires IT departments to protect a larger attack surface and provide access to tools that will offer more security for home users.

Centralizing Data Environments: “Providing centralized data environments for people to work from without having to bring data to home laptops reduces the attack surface,” Deiotte said. This centralized environment eliminates the risks associated with insider threats and enables the IT and security teams to manage data and analytics tools in a more secure and controlled environment. “This will drive a healthier cybersecurity posture in the industry,” he commented.

Predictive Awareness and Alerting: With AI and machine learning tools, there have been innovations in predictive alerting on the network. This allows IT security administrators to be alerted to vulnerabilities on the network before a bad actor exploits it in an attack. “The healthcare industry is starting to adopt some of these predictive and preventative approaches which will only strengthen their response, mitigation and remediation times,” Deiotte said.

In the end, Deiotte noted that it is really about speed and agility. While an attack will happen, it is critical for healthcare organizations to “be able to get back faster with continuity,” he said. “That means you mitigate the risk to the fiscal bottom line, and more importantly, loss of life.”

This article was first published on GovDataDownload on October 22, 2020. To read the original article, click here.

You may also like