Healthcare tops for ransomware incidents in Q2
Roughly 88 percent of all ransomware detected was discovered in healthcare, while the next most targeted industry was education at 6 percent, according to the report, published by Solutionary. One reason? Its stakeholders often pay hackers.
Wow, that is an enormous statistic pointing towards the healthcare industry. We've blogged about this before, and the issues around why healthcare is targeted and what providers should be doing to more closely guard themselves from these types of attacks. https://www.theitco.net/ransomware-serious-business/
An excerpt from a recent article published on FierceHealthcareIT says:
"High-profile hacks of a number of institutions this year--including Los Angeles-based Hollywood Presbyterian Medical Center and Columbia, Maryland-based MedStar Health--have led to lawmakers discussing how federal efforts and legislation to protect the industry can improve. The former institution paid $17,000 to regain control of its systems, with CEO Allen Stefanek saying it was “the quickest and most efficient way” to get operations back to normal."
HHS OCR published a whitepaper offering guidance regarding ransomware, the governments views regarding it and suggestions on how to guard against it. One critical note from this whitepaper is that if a healthcare organization’s computers are infected with ransomware, the government will consider it a data breach, unless there’s a low probability information has been compromised.
We continue to suggest that you are vigilant on the critical areas of:
- Intrusion Detection and Prevention Systems services on firewalls
- Employing advanced web and internet content filtering controls for internet usage
- Outbound data loss/leak prevention for email messaging
- Outbound email “safe transfer” services for email messaging
- Implementation of, and ongoing development of, IT Security Policies and Procedures that comply with the HIPAA HITECH Security Act, and specifically the security rule
- Annual IT Security Risk Assessment process - remember the first question from an auditor (desk audit, actual audit or breach audit) will be to provide a copy of your most recent risk assessment and the remediation plan, activities and status.
- File integrity monitoring for file servers and access - this shows who has modified files, objects, security controls, etc.
- Database integrity monitoring for database tables and records
- System event and event log management & monitoring for servers
Contact and talk to your vCIO to understand your services and what else you should be doing to protect your practice and its operations.