Roughly 88 percent of all ransomware detected was discovered in healthcare, while the next most targeted industry was education at 6 percent, according to the report, published by Solutionary. One reason? Its stakeholders often pay hackers.
Wow, that is an enormous statistic pointing towards the healthcare industry. We've blogged about this before, and the issues around why healthcare is targeted and what providers should be doing to more closely guard themselves from these types of attacks. https://www.theitco.net/ransomware-serious-business/
An excerpt from a recent article published on FierceHealthcareIT says:
"High-profile hacks of a number of institutions this year--including Los Angeles-based Hollywood Presbyterian Medical Center and Columbia, Maryland-based MedStar Health--have led to lawmakers discussing how federal efforts and legislation to protect the industry can improve. The former institution paid $17,000 to regain control of its systems, with CEO Allen Stefanek saying it was “the quickest and most efficient way” to get operations back to normal."
HHS OCR published a whitepaper offering guidance regarding ransomware, the governments views regarding it and suggestions on how to guard against it. One critical note from this whitepaper is that if a healthcare organization’s computers are infected with ransomware, the government will consider it a data breach, unless there’s a low probability information has been compromised.
We continue to suggest that you are vigilant on the critical areas of:
Contact and talk to your vCIO to understand your services and what else you should be doing to protect your practice and its operations.